TRKJ/EdgeNode
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeNode.git synced 2025-11-18 19:50:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

WAF SQL注入检测和XSS注入检测自动进行URL解码

Browse Source
This commit is contained in:
刘祥超
2023-12-10 16:52:54 +08:00
parent 3f34bfc0b0
commit 16e7cd800c
4 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
internal/waf/injectionutils/utils_xss.go
View File

@@ -68,6 +68,11 @@ func DetectXSS(input string) bool {
return detectXSSOne(args)
}
}
} else {
unescapedInput, err := url.QueryUnescape(input)
if err == nil && input != unescapedInput {
return detectXSSOne(unescapedInput)
}
}
return false