From aea3ebf3285fab9c43e2f1e4e4a22798cf545acd Mon Sep 17 00:00:00 2001 From: GoEdgeLab Date: Tue, 16 Jan 2024 20:42:13 +0800 Subject: [PATCH] =?UTF-8?q?WAF=E6=93=8D=E4=BD=9C=E7=AC=A6=E5=A2=9E?= =?UTF-8?q?=E5=8A=A0=E2=80=9C=E5=8C=85=E5=90=ABSQL=E6=B3=A8=E5=85=A5-?= =?UTF-8?q?=E4=B8=A5=E6=A0=BC=E6=A8=A1=E5=BC=8F=E2=80=9D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../http_firewall_rule_operator.go | 64 +++++++++++-------- 1 file changed, 36 insertions(+), 28 deletions(-) diff --git a/pkg/serverconfigs/firewallconfigs/http_firewall_rule_operator.go b/pkg/serverconfigs/firewallconfigs/http_firewall_rule_operator.go index 5de8c94..27eec3f 100644 --- a/pkg/serverconfigs/firewallconfigs/http_firewall_rule_operator.go +++ b/pkg/serverconfigs/firewallconfigs/http_firewall_rule_operator.go @@ -4,34 +4,35 @@ type HTTPFirewallRuleOperator = string type HTTPFirewallRuleCaseInsensitive = string const ( - HTTPFirewallRuleOperatorGt HTTPFirewallRuleOperator = "gt" - HTTPFirewallRuleOperatorGte HTTPFirewallRuleOperator = "gte" - HTTPFirewallRuleOperatorLt HTTPFirewallRuleOperator = "lt" - HTTPFirewallRuleOperatorLte HTTPFirewallRuleOperator = "lte" - HTTPFirewallRuleOperatorEq HTTPFirewallRuleOperator = "eq" - HTTPFirewallRuleOperatorNeq HTTPFirewallRuleOperator = "neq" - HTTPFirewallRuleOperatorEqString HTTPFirewallRuleOperator = "eq string" - HTTPFirewallRuleOperatorNeqString HTTPFirewallRuleOperator = "neq string" - HTTPFirewallRuleOperatorMatch HTTPFirewallRuleOperator = "match" - HTTPFirewallRuleOperatorNotMatch HTTPFirewallRuleOperator = "not match" - HTTPFirewallRuleOperatorWildcardMatch HTTPFirewallRuleOperator = "wildcard match" - HTTPFirewallRuleOperatorWildcardNotMatch HTTPFirewallRuleOperator = "wildcard not match" - HTTPFirewallRuleOperatorContains HTTPFirewallRuleOperator = "contains" - HTTPFirewallRuleOperatorNotContains HTTPFirewallRuleOperator = "not contains" - HTTPFirewallRuleOperatorContainsAnyWord HTTPFirewallRuleOperator = "contains any word" - HTTPFirewallRuleOperatorContainsAllWords HTTPFirewallRuleOperator = "contains all words" - HTTPFirewallRuleOperatorNotContainsAnyWord HTTPFirewallRuleOperator = "not contains any word" - HTTPFirewallRuleOperatorPrefix HTTPFirewallRuleOperator = "prefix" - HTTPFirewallRuleOperatorSuffix HTTPFirewallRuleOperator = "suffix" - HTTPFirewallRuleOperatorContainsAny HTTPFirewallRuleOperator = "contains any" - HTTPFirewallRuleOperatorContainsAll HTTPFirewallRuleOperator = "contains all" - HTTPFirewallRuleOperatorContainsSQLInjection HTTPFirewallRuleOperator = "contains sql injection" - HTTPFirewallRuleOperatorContainsXSS HTTPFirewallRuleOperator = "contains xss" - HTTPFirewallRuleOperatorContainsXSSStrictly HTTPFirewallRuleOperator = "contains xss strictly" - HTTPFirewallRuleOperatorHasKey HTTPFirewallRuleOperator = "has key" // has key in slice or map - HTTPFirewallRuleOperatorVersionGt HTTPFirewallRuleOperator = "version gt" - HTTPFirewallRuleOperatorVersionLt HTTPFirewallRuleOperator = "version lt" - HTTPFirewallRuleOperatorVersionRange HTTPFirewallRuleOperator = "version range" + HTTPFirewallRuleOperatorGt HTTPFirewallRuleOperator = "gt" + HTTPFirewallRuleOperatorGte HTTPFirewallRuleOperator = "gte" + HTTPFirewallRuleOperatorLt HTTPFirewallRuleOperator = "lt" + HTTPFirewallRuleOperatorLte HTTPFirewallRuleOperator = "lte" + HTTPFirewallRuleOperatorEq HTTPFirewallRuleOperator = "eq" + HTTPFirewallRuleOperatorNeq HTTPFirewallRuleOperator = "neq" + HTTPFirewallRuleOperatorEqString HTTPFirewallRuleOperator = "eq string" + HTTPFirewallRuleOperatorNeqString HTTPFirewallRuleOperator = "neq string" + HTTPFirewallRuleOperatorMatch HTTPFirewallRuleOperator = "match" + HTTPFirewallRuleOperatorNotMatch HTTPFirewallRuleOperator = "not match" + HTTPFirewallRuleOperatorWildcardMatch HTTPFirewallRuleOperator = "wildcard match" + HTTPFirewallRuleOperatorWildcardNotMatch HTTPFirewallRuleOperator = "wildcard not match" + HTTPFirewallRuleOperatorContains HTTPFirewallRuleOperator = "contains" + HTTPFirewallRuleOperatorNotContains HTTPFirewallRuleOperator = "not contains" + HTTPFirewallRuleOperatorContainsAnyWord HTTPFirewallRuleOperator = "contains any word" + HTTPFirewallRuleOperatorContainsAllWords HTTPFirewallRuleOperator = "contains all words" + HTTPFirewallRuleOperatorNotContainsAnyWord HTTPFirewallRuleOperator = "not contains any word" + HTTPFirewallRuleOperatorPrefix HTTPFirewallRuleOperator = "prefix" + HTTPFirewallRuleOperatorSuffix HTTPFirewallRuleOperator = "suffix" + HTTPFirewallRuleOperatorContainsAny HTTPFirewallRuleOperator = "contains any" + HTTPFirewallRuleOperatorContainsAll HTTPFirewallRuleOperator = "contains all" + HTTPFirewallRuleOperatorContainsSQLInjection HTTPFirewallRuleOperator = "contains sql injection" + HTTPFirewallRuleOperatorContainsSQLInjectionStrictly HTTPFirewallRuleOperator = "contains sql injection strictly" + HTTPFirewallRuleOperatorContainsXSS HTTPFirewallRuleOperator = "contains xss" + HTTPFirewallRuleOperatorContainsXSSStrictly HTTPFirewallRuleOperator = "contains xss strictly" + HTTPFirewallRuleOperatorHasKey HTTPFirewallRuleOperator = "has key" // has key in slice or map + HTTPFirewallRuleOperatorVersionGt HTTPFirewallRuleOperator = "version gt" + HTTPFirewallRuleOperatorVersionLt HTTPFirewallRuleOperator = "version lt" + HTTPFirewallRuleOperatorVersionRange HTTPFirewallRuleOperator = "version range" HTTPFirewallRuleOperatorContainsBinary HTTPFirewallRuleOperator = "contains binary" // contains binary HTTPFirewallRuleOperatorNotContainsBinary HTTPFirewallRuleOperator = "not contains binary" // not contains binary @@ -176,6 +177,13 @@ var AllRuleOperators = []*RuleOperatorDefinition{ CaseInsensitive: HTTPFirewallRuleCaseInsensitiveNone, DataType: "none", }, + { + Name: "包含SQL注入-严格模式", + Code: HTTPFirewallRuleOperatorContainsSQLInjectionStrictly, + Description: "更加严格地检测字符串内容是否包含SQL注入,相对于非严格模式,有一定的误报几率。", + CaseInsensitive: HTTPFirewallRuleCaseInsensitiveNone, + DataType: "none", + }, { Name: "包含XSS注入", Code: HTTPFirewallRuleOperatorContainsXSS,