mirror of
https://gitee.com/samwaf/SamWaf.git
synced 2025-12-06 14:59:18 +08:00
package wafenginecore
import (
"SamWaf/global"
"SamWaf/innerbean"
"SamWaf/model/detection"
"SamWaf/model/wafenginmodel"
"net/http"
"net/url"
"strings"
)
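// CheckDenyURL reports whether the request URL matches a URL deny-list rule.
//
// The host-local list (hostTarget.UrlBlockLists) is evaluated first, then the
// global list stored under waf.HostTarget[global.GWAF_GLOBAL_HOST_NAME], which
// is consulted only when that entry's Host.GUARD_STATUS is 1. On the first
// matching rule weblogbean.RISK_LEVEL is set to 1 and a Result with IsBlock
// set is returned; otherwise the initial non-blocking Result is returned.
//
// r, formValue and globalHostTarget are accepted but not read by this check.
//
// NOTE(review): rules are compared against strings.ToLower(weblogbean.URL)
// exactly as stored. Whether that value has already been percent-decoded,
// path-cleaned or stripped of its query string is not visible here. A deny
// list evaluated on a different form of the URL than the one the backend
// resolves is not a reliable control, so confirm that WebLog.URL is populated
// from a canonical form before relying on these rules.
func (waf *WafEngine) CheckDenyURL(r *http.Request, weblogbean *innerbean.WebLog, formValue url.Values, hostTarget *wafenginmodel.HostSafe, globalHostTarget *wafenginmodel.HostSafe) detection.Result {
	result := detection.Result{
		JumpGuardResult: false,
		IsBlock:         false,
		Title:           "",
		Content:         "",
	}

	// Lower-case the request URL once; rule URLs are lower-cased too, so every
	// comparison below is case-insensitive.
	lowerURL := strings.ToLower(weblogbean.URL)

	// matches applies a single rule to the request URL. The compare-type
	// strings are the values stored with each rule and must stay byte-identical.
	// An unrecognised compare type never matches.
	//
	// NOTE(review): an empty rule URL matches every request under the prefix,
	// suffix and contains modes (strings.HasPrefix(s, "") is always true), so a
	// blank rule blocks all traffic for the host. Consider rejecting blank
	// rules where they are saved.
	matches := func(compareType, ruleURL string) bool {
		lowerRuleURL := strings.ToLower(ruleURL)
		switch compareType {
		case "等于": // exact match
			return lowerRuleURL == lowerURL
		case "前缀匹配": // prefix match
			return strings.HasPrefix(lowerURL, lowerRuleURL)
		case "后缀匹配": // suffix match
			return strings.HasSuffix(lowerURL, lowerRuleURL)
		case "包含匹配": // substring match
			return strings.Contains(lowerURL, lowerRuleURL)
		}
		return false
	}

	// URL deny-list policy (host-local). A nil hostTarget is treated as "no
	// local rules" instead of panicking on the field access, so the global
	// list below is still enforced.
	if hostTarget != nil {
		for _, rule := range hostTarget.UrlBlockLists {
			if matches(rule.CompareType, rule.Url) {
				weblogbean.RISK_LEVEL = 1
				result.IsBlock = true
				result.Title = "URL黑名单"
				result.Content = "您的访问被阻止了URL限制"
				return result
			}
		}
	}

	// URL deny-list policy (global), enforced only while the global host's
	// guard is switched on.
	// NOTE(review): if HostTarget holds pointers and the global entry is
	// absent, the field access below panics; confirm the entry is always
	// registered before request handling starts.
	globalTarget := waf.HostTarget[global.GWAF_GLOBAL_HOST_NAME]
	if globalTarget.Host.GUARD_STATUS == 1 {
		for _, rule := range globalTarget.UrlBlockLists {
			if matches(rule.CompareType, rule.Url) {
				weblogbean.RISK_LEVEL = 1
				result.IsBlock = true
				result.Title = "【全局】URL黑名单"
				result.Content = "您的访问被阻止了URL限制"
				return result
			}
		}
	}

	return result
}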