From b0850b6032bae79506ae9a360475f40342dca40f Mon Sep 17 00:00:00 2001
From: GoEdgeLab <goedgecloud@gmail.com>
Date: Fri, 10 Mar 2023 10:41:16 +0800
Subject: [PATCH] =?UTF-8?q?WAF=20cc=E9=98=B2=E6=8A=A4=E5=A2=9E=E5=8A=A0?=
 =?UTF-8?q?=E2=80=9C=E6=A3=80=E6=9F=A5=E8=AF=B7=E6=B1=82=E6=9D=A5=E6=BA=90?=
 =?UTF-8?q?=E6=8C=87=E7=BA=B9=E2=80=9D=E9=80=89=E9=A1=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 internal/nodes/http_request_waf.go | 5 +++++
 internal/waf/checkpoints/cc2.go    | 6 +++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/internal/nodes/http_request_waf.go b/internal/nodes/http_request_waf.go
index 01cbbe7..9b524f9 100644
--- a/internal/nodes/http_request_waf.go
+++ b/internal/nodes/http_request_waf.go
@@ -404,6 +404,11 @@ func (this *HTTPRequest) WAFOnAction(action interface{}) (goNext bool) {
 }
 
 func (this *HTTPRequest) WAFFingerprint() []byte {
+	// 目前只有HTTPS请求才有指纹
+	if !this.IsHTTPS {
+		return nil
+	}
+
 	var requestConn = this.RawReq.Context().Value(HTTPConnContextKey)
 	if requestConn == nil {
 		return nil
diff --git a/internal/waf/checkpoints/cc2.go b/internal/waf/checkpoints/cc2.go
index cf39f58..afe0296 100644
--- a/internal/waf/checkpoints/cc2.go
+++ b/internal/waf/checkpoints/cc2.go
@@ -76,7 +76,11 @@ func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, opti
 	value = ccCache.IncreaseInt64(ccKey, 1, expiresAt, false)
 
 	// 基于指纹统计
-	if hasRemoteAddr {
+	var enableFingerprint = true
+	if options.Has("enableFingerprint") && !options.GetBool("enableFingerprint") {
+		enableFingerprint = false
+	}
+	if hasRemoteAddr && enableFingerprint {
 		var fingerprint = req.WAFFingerprint()
 		if len(fingerprint) > 0 {
 			var fpKeyValues = []string{}