From c706f2fdf18ccb7d8e25b294f15a95052122f154 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E7=A5=A5=E8=B6=85?= <iwind.liu@gmail.com>
Date: Fri, 14 Jul 2023 11:02:20 +0800
Subject: [PATCH] =?UTF-8?q?WAF-=E5=8C=BA=E5=9F=9F=E5=B0=81=E7=A6=81?=
 =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E6=8F=90=E7=A4=BA=E5=86=85=E5=AE=B9=E8=AE=BE?=
 =?UTF-8?q?=E7=BD=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 internal/nodes/http_request_waf.go | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/internal/nodes/http_request_waf.go b/internal/nodes/http_request_waf.go
index c07fde5..fa57929 100644
--- a/internal/nodes/http_request_waf.go
+++ b/internal/nodes/http_request_waf.go
@@ -173,7 +173,15 @@ func (this *HTTPRequest) checkWAFRequest(firewallPolicy *firewallconfigs.HTTPFir
 							if !regionConfig.IsAllowedCountry(result.CountryId(), result.ProvinceId()) {
 								this.firewallPolicyId = firewallPolicy.Id
 
-								this.writeCode(http.StatusForbidden, "The region has been denied.", "当前区域禁止访问")
+								if len(regionConfig.CountryHTML) > 0 {
+									this.writer.Header().Set("Content-Type", "text/html; charset=utf-8")
+									this.writer.Header().Set("Content-Length", types.String(len(regionConfig.CountryHTML)))
+									this.writer.WriteHeader(http.StatusForbidden)
+									_, _ = this.writer.Write([]byte(regionConfig.CountryHTML))
+								} else {
+									this.writeCode(http.StatusForbidden, "The region has been denied.", "当前区域禁止访问")
+								}
+
 								this.writer.Flush()
 								this.writer.Close()
 
@@ -193,7 +201,14 @@ func (this *HTTPRequest) checkWAFRequest(firewallPolicy *firewallconfigs.HTTPFir
 							if !regionConfig.IsAllowedProvince(result.CountryId(), result.ProvinceId()) {
 								this.firewallPolicyId = firewallPolicy.Id
 
-								this.writeCode(http.StatusForbidden, "The region has been denied.", "当前区域禁止访问")
+								if len(regionConfig.ProvinceHTML) > 0 {
+									this.writer.Header().Set("Content-Type", "text/html; charset=utf-8")
+									this.writer.Header().Set("Content-Length", types.String(len(regionConfig.ProvinceHTML)))
+									this.writer.WriteHeader(http.StatusForbidden)
+									_, _ = this.writer.Write([]byte(regionConfig.ProvinceHTML))
+								} else {
+									this.writeCode(http.StatusForbidden, "The region has been denied.", "当前区域禁止访问")
+								}
 								this.writer.Flush()
 								this.writer.Close()