TRKJ/EdgeNode
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeNode.git synced 2025-11-25 08:20:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

WAF SQL注入检测和XSS注入检测自动进行URL解码

Browse Source
This commit is contained in:
刘祥超
2023-12-10 16:52:54 +08:00
parent 3f34bfc0b0
commit 16e7cd800c
4 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
internal/waf/injectionutils/utils_sqli.go
View File

@@ -69,6 +69,11 @@ func DetectSQLInjection(input string) bool {
return detectSQLInjectionOne(args)
}
}
} else {
unescapedInput, err := url.QueryUnescape(input)
if err == nil && input != unescapedInput {
return detectSQLInjectionOne(unescapedInput)
}
}
return false