优化WAF XSS检测,减少对图片内容的误判
@@ -667,10 +667,11 @@ static attribute_t is_black_attr(const char* s, size_t len)
|
|||||||
|
|
||||||
|
|
||||||
/* XMLNS can be used to create arbitrary tags */
|
/* XMLNS can be used to create arbitrary tags */
|
||||||
if (cstrcasecmp_with_null("XMLNS", s, 5) == 0 || cstrcasecmp_with_null("XLINK", s, 5) == 0) {
|
// goedge: commented for photo uploading
|
||||||
|
//if (cstrcasecmp_with_null("XMLNS", s, 5) == 0 || cstrcasecmp_with_null("XLINK", s, 5) == 0) {
|
||||||
/* printf("Got XMLNS and XLINK tags\n"); */
|
/* printf("Got XMLNS and XLINK tags\n"); */
|
||||||
return TYPE_BLACK;
|
// return TYPE_BLACK;
|
||||||
}
|
//}
|
||||||
}
|
}
|
||||||
|
|
||||||
black = BLACKATTR;
|
black = BLACKATTR;
|
||||||
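Review bot: Commenting out the XMLNS/XLINK branch of is_black_attr (new side, `//if (cstrcasecmp_with_null("XMLNS", s, 5) == 0 || ...` through `//}`) removes that coverage for every request the WAF inspects, not just image uploads; the upstream comment kept on the line above, `/* XMLNS can be used to create arbitrary tags */`, states what is given up, and xlink:href is a common carrier for javascript: URLs in inline SVG, which this branch presumably caught before. A narrower fix would leave the detector alone and have the Go caller skip bodies or multipart file parts whose content type is an image, or at least gate the branch on the `flags` argument that libinjection_is_xss already receives rather than deleting it for all callers. At minimum the marker should record what was observed instead of the generic `// goedge: commented for photo uploading`, e.g. `// goedge: disabled - XMP metadata in uploaded photos declares xmlns:* attributes and was flagged as BLACKATTR; see TestDetectXSS`. is_black_attr starts before this hunk.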
@@ -789,9 +790,10 @@ int libinjection_is_xss(const char* s, size_t len, int flags)
|
|||||||
attr = TYPE_NONE;
|
attr = TYPE_NONE;
|
||||||
} else if (h5.token_type == TAG_COMMENT) {
|
} else if (h5.token_type == TAG_COMMENT) {
|
||||||
/* IE uses a "`" as a tag ending char */
|
/* IE uses a "`" as a tag ending char */
|
||||||
if (memchr(h5.token_start, '`', h5.token_len) != NULL) {
|
// goedge: commented for photo uploading
|
||||||
|
/**if (memchr(h5.token_start, '`', h5.token_len) != NULL) {
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}**/
|
||||||
|
|
||||||
/* IE conditional comment */
|
/* IE conditional comment */
|
||||||
if (h5.token_len > 3) {
|
if (h5.token_len > 3) {
|
||||||
|
|||||||
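Review bot: The backtick check removed on the new side (`/**if (memchr(h5.token_start, '`', h5.token_len) != NULL) {` ... `}**/`) has no accompanying test: the TestDetectXSS change in this commit only adds an XMP/xmlns case, so nothing records which photo input produced a backtick inside a TAG_COMMENT token, and nothing would catch the block being restored later. Add the reproducing input as an `a.IsFalse(...)` case next to the XMP one, and name the trigger in the marker rather than reusing `// goedge: commented for photo uploading`. The surviving comment `/* IE uses a "`" as a tag ending char */` says this check targets legacy IE parsing; if that is the only engine affected, say so in the marker so the next reader can judge whether the loss is acceptable, e.g. `// goedge: disabled; legacy-IE backtick terminator, false-positives on binary image bodies`. libinjection_is_xss starts and ends outside this hunk.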
@@ -2,3 +2,5 @@
|
|||||||
|
|
||||||
#include "libinjection/src/libinjection_xss.c"
|
#include "libinjection/src/libinjection_xss.c"
|
||||||
#include "libinjection/src/libinjection_html5.c"
|
#include "libinjection/src/libinjection_html5.c"
|
||||||
|
|
||||||
|
#define GOEDGE_VERSION "23" // last version is for GoEdge change
|
||||||
@@ -24,6 +24,14 @@ func TestDetectXSS(t *testing.T) {
|
|||||||
a.IsTrue(injectionutils.DetectXSS("<iframe scrolling='no'>"))
|
a.IsTrue(injectionutils.DetectXSS("<iframe scrolling='no'>"))
|
||||||
a.IsFalse(injectionutils.DetectXSS("<html><body><span>RequestId: 1234567890</span></body></html>"))
|
a.IsFalse(injectionutils.DetectXSS("<html><body><span>RequestId: 1234567890</span></body></html>"))
|
||||||
a.IsTrue(injectionutils.DetectXSS("name=s&description=%3Cscript+src%3D%22a.js%22%3Edddd%3C%2Fscript%3E"))
|
a.IsTrue(injectionutils.DetectXSS("name=s&description=%3Cscript+src%3D%22a.js%22%3Edddd%3C%2Fscript%3E"))
|
||||||
|
a.IsFalse(injectionutils.DetectXSS(`<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 6.0.0">
|
||||||
|
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
|
||||||
|
<rdf:Description rdf:about=""
|
||||||
|
xmlns:tiff="http://ns.adobe.com/tiff/1.0/">
|
||||||
|
<tiff:Orientation>1</tiff:Orientation>
|
||||||
|
</rdf:Description>
|
||||||
|
</rdf:RDF>
|
||||||
|
</x:xmpmeta>`)) // included in some photo files
|
||||||
}
|
}
|
||||||
|
|
||||||
func BenchmarkDetectXSS_MISS(b *testing.B) {
|
func BenchmarkDetectXSS_MISS(b *testing.B) {
|
||||||
|
|||||||
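Review bot: The new `a.IsFalse(injectionutils.DetectXSS(`<x:xmpmeta xmlns:x=...`))` case documents the false positive that motivated the change, but there is no companion case pinning what the weakened detector must still catch; with the XMLNS/XLINK branch disabled in the vendored libinjection, a payload such as `<svg><a xlink:href="javascript:alert(1)">x</a></svg>` may now pass as well, and nothing in this test would show it. Add an explicit `a.IsTrue(injectionutils.DetectXSS("<svg onload=alert(1)>"))` (presumably still caught through the on* handler check) and an explicit case for the xlink:href form whose expected value records the decision either way, so the coverage trade-off is visible in the test rather than only in a C comment. The trailing `// included in some photo files` would read better above the case as `// XMP metadata embedded in JPEG/PNG uploads; must not be flagged`.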