WAF cc防护增加“检查请求来源指纹”选项

internal/nodes/http_request_waf.go

@@ -404,6 +404,11 @@ func (this *HTTPRequest) WAFOnAction(action interface{}) (goNext bool) {
 }
 
 func (this *HTTPRequest) WAFFingerprint() []byte {
+	// 目前只有HTTPS请求才有指纹
+	if !this.IsHTTPS {
+		return nil
+	}
+
 	var requestConn = this.RawReq.Context().Value(HTTPConnContextKey)
 	if requestConn == nil {
 		return nil

internal/waf/checkpoints/cc2.go

@@ -76,7 +76,11 @@ func (this *CC2Checkpoint) RequestValue(req requests.Request, param string, opti
 	value = ccCache.IncreaseInt64(ccKey, 1, expiresAt, false)
 
 	// 基于指纹统计
-	if hasRemoteAddr {
+	var enableFingerprint = true
+	if options.Has("enableFingerprint") && !options.GetBool("enableFingerprint") {
+		enableFingerprint = false
+	}
+	if hasRemoteAddr && enableFingerprint {
 		var fingerprint = req.WAFFingerprint()
 		if len(fingerprint) > 0 {
 			var fpKeyValues = []string{}