TRKJ/EdgeNode
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeNode.git synced 2025-11-09 03:50:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

WAF SQL注入检测和XSS注入检测自动进行URL解码

Browse Source
This commit is contained in:
刘祥超
2023-12-10 16:52:54 +08:00
parent 3f34bfc0b0
commit 16e7cd800c
4 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
internal/waf/injectionutils/utils_xss_test.go
View File

@@ -23,6 +23,7 @@ func TestDetectXSS(t *testing.T) {
a.IsTrue(injectionutils.DetectXSS("onkeyup=a"))
a.IsTrue(injectionutils.DetectXSS("<iframe scrolling='no'>"))
a.IsFalse(injectionutils.DetectXSS("<html><body><span>RequestId: 1234567890</span></body></html>"))
a.IsTrue(injectionutils.DetectXSS("name=s&description=%3Cscript+src%3D%22a.js%22%3Edddd%3C%2Fscript%3E"))
}
func BenchmarkDetectXSS_MISS(b *testing.B) {