EdgeNode/internal/waf/waf_test.go

package waf_test

import (
	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
	"github.com/TeaOSLab/EdgeNode/internal/waf"
	"github.com/TeaOSLab/EdgeNode/internal/waf/requests"
	"github.com/iwind/TeaGo/assert"
	"net/http"
	"testing"
)

func TestWAF_MatchRequest(t *testing.T) {
	var a = assert.NewAssertion(t)

	var set = waf.NewRuleSet()
	set.Name = "Name_Age"
	set.Connector = waf.RuleConnectorAnd
	set.Rules = []*waf.Rule{
		{
			Param:    "${arg.name}",
			Operator: waf.RuleOperatorEqString,
			Value:    "lu",
		},
		{
			Param:    "${arg.age}",
			Operator: waf.RuleOperatorEq,
			Value:    "20",
		},
	}
	set.AddAction(waf.ActionBlock, nil)

	var group = waf.NewRuleGroup()
	group.AddRuleSet(set)
	group.IsInbound = true

	var wafInstance = waf.NewWAF()
	wafInstance.AddRuleGroup(group)
	errs := wafInstance.Init()
	if len(errs) > 0 {
		t.Fatal(errs[0])
	}

	req, err := http.NewRequest(http.MethodGet, "http://teaos.cn/hello?name=lu&age=20", nil)
	if err != nil {
		t.Fatal(err)
	}
	goNext, _, _, set, err := wafInstance.MatchRequest(requests.NewTestRequest(req), nil, firewallconfigs.ServerCaptchaTypeNone)
	if err != nil {
		t.Fatal(err)
	}
	if set == nil {
		t.Log("not match")
		return
	}
	t.Log("goNext:", goNext, "set:", set.Name)
	a.IsFalse(goNext)
}
WAF SQL注入和XSS检测增加缓存/优化部分WAF相关测试用例 2023-12-09 11:46:50 +08:00			`package waf_test`
实现WAF 2020-10-08 15:06:42 +08:00
			`import (`
修复WAF相关单元测试 2023-11-16 08:43:31 +08:00			`"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"`
WAF SQL注入和XSS检测增加缓存/优化部分WAF相关测试用例 2023-12-09 11:46:50 +08:00			`"github.com/TeaOSLab/EdgeNode/internal/waf"`
WAF增加多个动作 2021-07-18 15:51:49 +08:00			`"github.com/TeaOSLab/EdgeNode/internal/waf/requests"`
实现WAF 2020-10-08 15:06:42 +08:00			`"github.com/iwind/TeaGo/assert"`
			`"net/http"`
			`"testing"`
			`)`

			`func TestWAF_MatchRequest(t *testing.T) {`
WAF SQL注入和XSS检测增加缓存/优化部分WAF相关测试用例 2023-12-09 11:46:50 +08:00			`var a = assert.NewAssertion(t)`
实现WAF 2020-10-08 15:06:42 +08:00
WAF SQL注入和XSS检测增加缓存/优化部分WAF相关测试用例 2023-12-09 11:46:50 +08:00			`var set = waf.NewRuleSet()`
实现WAF 2020-10-08 15:06:42 +08:00			`set.Name = "Name_Age"`
WAF SQL注入和XSS检测增加缓存/优化部分WAF相关测试用例 2023-12-09 11:46:50 +08:00			`set.Connector = waf.RuleConnectorAnd`
			`set.Rules = []*waf.Rule{`
实现WAF 2020-10-08 15:06:42 +08:00			`{`
			`Param: "${arg.name}",`
WAF SQL注入和XSS检测增加缓存/优化部分WAF相关测试用例 2023-12-09 11:46:50 +08:00			`Operator: waf.RuleOperatorEqString,`
实现WAF 2020-10-08 15:06:42 +08:00			`Value: "lu",`
			`},`
			`{`
			`Param: "${arg.age}",`
WAF SQL注入和XSS检测增加缓存/优化部分WAF相关测试用例 2023-12-09 11:46:50 +08:00			`Operator: waf.RuleOperatorEq,`
实现WAF 2020-10-08 15:06:42 +08:00			`Value: "20",`
			`},`
			`}`
WAF SQL注入和XSS检测增加缓存/优化部分WAF相关测试用例 2023-12-09 11:46:50 +08:00			`set.AddAction(waf.ActionBlock, nil)`
实现WAF 2020-10-08 15:06:42 +08:00
WAF SQL注入和XSS检测增加缓存/优化部分WAF相关测试用例 2023-12-09 11:46:50 +08:00			`var group = waf.NewRuleGroup()`
实现WAF 2020-10-08 15:06:42 +08:00			`group.AddRuleSet(set)`
			`group.IsInbound = true`

WAF SQL注入和XSS检测增加缓存/优化部分WAF相关测试用例 2023-12-09 11:46:50 +08:00			`var wafInstance = waf.NewWAF()`
			`wafInstance.AddRuleGroup(group)`
			`errs := wafInstance.Init()`
自动使用本地防火墙/增加edge-node [ip.drop\|ip.reject\|ip.remove]等命令 2022-01-09 17:07:37 +08:00			`if len(errs) > 0 {`
			`t.Fatal(errs[0])`
实现WAF 2020-10-08 15:06:42 +08:00			`}`

			`req, err := http.NewRequest(http.MethodGet, "http://teaos.cn/hello?name=lu&age=20", nil)`
			`if err != nil {`
			`t.Fatal(err)`
			`}`
WAF SQL注入和XSS检测增加缓存/优化部分WAF相关测试用例 2023-12-09 11:46:50 +08:00			`goNext, _, _, set, err := wafInstance.MatchRequest(requests.NewTestRequest(req), nil, firewallconfigs.ServerCaptchaTypeNone)`
实现WAF 2020-10-08 15:06:42 +08:00			`if err != nil {`
			`t.Fatal(err)`
			`}`
			`if set == nil {`
			`t.Log("not match")`
			`return`
			`}`
			`t.Log("goNext:", goNext, "set:", set.Name)`
			`a.IsFalse(goNext)`
			`}`