TRKJ/EdgeNode
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeNode.git synced 2025-11-04 16:00:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

请求变量增加${cname},WAF checkpoint增加cname和isCNAME

Browse Source
This commit is contained in:
刘祥超
2022-11-16 15:01:10 +08:00
parent 37ef86b92f
commit a89c02fd10
4 changed files with 66 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/nodes/http_request.go
View File

@@ -758,6 +758,8 @@ func (this *HTTPRequest) Format(source string) string {
return strconv.FormatInt(this.requestFromTime.Unix(), 10) return strconv.FormatInt(this.requestFromTime.Unix(), 10)
case "host": case "host":
return this.ReqHost return this.ReqHost
case "cname":
return this.ReqServer.CNameDomain
case "referer": case "referer":
return this.RawReq.Referer() return this.RawReq.Referer()
case "referer.host": case "referer.host":

22
internal/waf/checkpoints/request_cname.go Normal file
View File

@@ -0,0 +1,22 @@
package checkpoints
import (
"github.com/TeaOSLab/EdgeNode/internal/waf/requests"
"github.com/iwind/TeaGo/maps"
)
type RequestCNAMECheckpoint struct {
Checkpoint
}
func (this *RequestCNAMECheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
value = req.Format("${cname}")
return
}
func (this *RequestCNAMECheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
if this.IsRequest() {
return this.RequestValue(req, param, options, ruleId)
}
return
}

26
internal/waf/checkpoints/request_is_cname.go Normal file
View File

@@ -0,0 +1,26 @@
package checkpoints
import (
"github.com/TeaOSLab/EdgeNode/internal/waf/requests"
"github.com/iwind/TeaGo/maps"
)
type RequestIsCNAMECheckpoint struct {
Checkpoint
}
func (this *RequestIsCNAMECheckpoint) RequestValue(req requests.Request, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
if req.Format("${cname}") == req.Format("${host}") {
value = 1
} else {
value = 0
}
return
}
func (this *RequestIsCNAMECheckpoint) ResponseValue(req requests.Request, resp *requests.Response, param string, options maps.Map, ruleId int64) (value interface{}, hasRequestBody bool, sysErr error, userErr error) {
if this.IsRequest() {
return this.RequestValue(req, param, options, ruleId)
}
return
}

16
internal/waf/checkpoints/utils.go
View File

@@ -146,6 +146,22 @@ var AllCheckpoints = []*CheckpointDefinition{
Instance: new(RequestHostCheckpoint), Instance: new(RequestHostCheckpoint),
Priority: 100, Priority: 100,
}, },
{
Name: "CNAME",
Prefix: "cname",
Description: "当前网站服务CNAME比如38b48e4f.goedge.cn",
HasParams: false,
Instance: new(RequestCNAMECheckpoint),
Priority: 100,
},
{
Name: "是否为CNAME",
Prefix: "isCNAME",
Description: "是否为CNAME值为1或0",
HasParams: false,
Instance: new(RequestIsCNAMECheckpoint),
Priority: 100,
},
{ {
Name: "请求来源URL", Name: "请求来源URL",
Prefix: "referer", Prefix: "referer",