优化WAF

* 信息加密使用struct代替map，以缩短加密后内容长度 * 拦截动作、人机识别动作增加是否尝试全局封禁选项 * JSCookie识别动作增加默认设置选项 * 人机识别中传入info参数异常时，尝试跳转到来源地址，避免直接提示invalid request
2026-01-01 02:56:35 +08:00 · 2024-04-07 14:31:22 +08:00
parent e87ea9d802
commit 1fe15d4e3c
18 changed files with 441 additions and 129 deletions
--- a/internal/waf/waf.go
+++ b/internal/waf/waf.go
@@ -26,9 +26,12 @@ type WAF struct {
 	UseLocalFirewall bool                            `yaml:"useLocalFirewall" json:"useLocalFirewall"`
 	SYNFlood         *firewallconfigs.SYNFloodConfig `yaml:"synFlood" json:"synFlood"`

-	DefaultBlockAction   *BlockAction
-	DefaultPageAction    *PageAction
-	DefaultCaptchaAction *CaptchaAction
+	DefaultBlockAction    *BlockAction
+	DefaultPageAction     *PageAction
+	DefaultCaptchaAction  *CaptchaAction
+	DefaultJSCookieAction *JSCookieAction
+	DefaultPost307Action  *Post307Action
+	DefaultGet302Action   *Get302Action

 	hasInboundRules  bool
 	hasOutboundRules bool