diff --git a/plugins/op_waf/waf/lua/common.lua b/plugins/op_waf/waf/lua/common.lua
index f044d3a47..5b5e7a21f 100644
--- a/plugins/op_waf/waf/lua/common.lua
+++ b/plugins/op_waf/waf/lua/common.lua
@@ -85,7 +85,7 @@ function _M.log(self, args, rule_name, reason)
         return false
     end
     stmt2:reset()
-    
+
     local res, err = db:execute([[COMMIT]])
     -- self:D("LOG[2]:"..tostring(res)..":"..tostring(err))
     if db and db:isopen() then
@@ -459,10 +459,22 @@ function _M.ngx_match_list(self, rules, content)
     for i,rule in ipairs(rules)
     do
         if rule[1] == 1 then
-            local t = self:is_ngx_match_orgin(rule[2], content, rule[3])
-            if t then
-                return true
+            if type(content) == "string" then
+                local t = self:is_ngx_match_orgin(rule[2], content, rule[3])
+                if t then
+                    return true
+                end
+            end
+
+            if type(content) == "table" then
+                for arg_k,arg_v in ipairs(content) do
+                    local t = self:is_ngx_match_orgin(rule[2], arg_v, rule[3])
+                    if t then
+                        return true
+                    end
+                end
             end
+            
         end
     end
     return false
diff --git a/plugins/op_waf/waf/lua/init.lua b/plugins/op_waf/waf/lua/init.lua
index 9233b5403..5d6f057d4 100644
--- a/plugins/op_waf/waf/lua/init.lua
+++ b/plugins/op_waf/waf/lua/init.lua
@@ -163,6 +163,8 @@ end
 
 local function waf_get_args()
     if not config['get']['open'] or not C:is_site_config('get') then return false end
+
+    C:D(C:to_json(args_rules)..":"..json.encode(params['uri_request_args']))
     if C:ngx_match_list(args_rules, params['uri_request_args']) then
         C:write_log('args','regular')
         C:return_html(config['get']['status'], get_html)