pull/109/head
midoks 6 years ago
parent 16472bf12a
commit 8f03085cf3
  1. 63
      plugins/op_waf/index.py
  2. 355
      plugins/op_waf/js/op_waf.js
  3. 2
      plugins/op_waf/waf/config.json
  4. 8
      route/static/app/public.js

@ -118,6 +118,7 @@ def initSiteInfo():
cjson = public.getJson(site_contents_new)
public.writeFile(path_site, cjson)
def initTotalInfo():
data = []
path_domains = getJsonPath('domains')
@ -135,7 +136,7 @@ def initTotalInfo():
total_contents_new = {}
for x in range(len(domain_contents)):
name = domain_contents[x]['name']
if 'sites' in total_contents and name in total_contents['sites']:
if 'sites' in total_contents and name in total_contents['sites']:
pass
else:
tmp = {}
@ -339,18 +340,18 @@ def getSiteConfig():
total_content = json.loads(total_content)
# print total_content
for x in content:
tmp = []
tmp_v = {}
if 'sites' in total_content and x in total_content['sites']:
tmp_v = total_content['sites'][x];
key_list = ['get','post','user-agent','cookie','cdn','cc']
tmp_v = total_content['sites'][x]
key_list = ['get', 'post', 'user-agent', 'cookie', 'cdn', 'cc']
for kx in range(len(key_list)):
ktmp = {}
if kx in tmp_v :
if kx in tmp_v:
ktmp['value'] = tmp_v[key_list[kx]]
else:
ktmp['value'] = ''
@ -360,10 +361,54 @@ def getSiteConfig():
# print tmp
content[x]['total'] = tmp
content = public.getJson(content)
return public.returnJson(True, 'ok!', content)
def getLogsList():
args = getArgs()
data = checkArgs(args, ['siteName'])
if not data[0]:
return data[1]
data = []
path = public.getLogsDir() + '/waf'
files = os.listdir(path)
for f in files:
if f == '.DS_Store':
continue
f = f.split('_')
if f[0] == args['siteName']:
fl = f[1].split('.')
data.append(fl[0])
return public.returnJson(True, 'ok!', data)
def getSafeLogs():
args = getArgs()
data = checkArgs(args, ['siteName', 'toDate', 'p'])
if not data[0]:
return data[1]
path = public.getLogsDir() + '/waf'
file = path + '/' + args['siteName'] + '_' + args['toDate'] + '.log'
if not os.path.exists(file):
return public.returnJson(False, "文件不存在!")
retData = []
file = open(file)
while 1:
lines = file.readlines(100000)
if not lines:
break
for line in lines:
retData.append(json.loads(line))
return public.returnJson(True, '设置成功!', retData)
def setObjOpen():
args = getArgs()
data = checkArgs(args, ['obj'])
@ -427,6 +472,10 @@ if __name__ == "__main__":
print saveScanRule()
elif func == 'get_site_config':
print getSiteConfig()
elif func == 'get_logs_list':
print getLogsList()
elif func == 'get_safe_logs':
print getSafeLogs()
elif func == 'waf_srceen':
print getWafSrceen()
elif func == 'waf_conf':
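Review bot: In getSafeLogs, `args['siteName']` and `args['toDate']` are concatenated straight into the log path, so a value containing `/` or `..` lets the function open a `.log` file outside `getLogsDir() + '/waf'`; both values should be held to a single path component before the `os.path.exists` check. The same function never closes the handle returned by `open(file)`, and it requires `p` without using it, so every page request parses and returns the whole file. In getLogsList, `f[1]` raises IndexError for any directory entry whose name has no underscore. One possible shape for getSafeLogs is below; it assumes POSIX path separators, as the rest of the function does.

```python
def getSafeLogs():
    # … unchanged: getArgs / checkArgs …

    # siteName and toDate arrive with the request; refuse anything that is
    # not a plain file name so the path cannot leave the waf log directory.
    name = args['siteName'] + '_' + args['toDate'] + '.log'
    if os.path.basename(name) != name:
        return public.returnJson(False, "文件不存在!")

    path = public.getLogsDir() + '/waf'
    file = path + '/' + name
    # … unchanged: os.path.exists check …

    retData = []
    with open(file) as fp:
        for line in fp:
            retData.append(json.loads(line))
    # … unchanged: returnJson call …
```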

@ -865,6 +865,357 @@ function back_css(v) {
}
}
//查看网站日志
function siteWafLog(siteName) {
var loadT = layer.msg('正在处理,请稍候..', { icon: 16, time: 0 });
owPost('get_logs_list', { siteName: siteName } , function (data) {
var tmp = $.parseJSON(data.data);
var rdata = tmp.data;
var selectLogDay = "";
var day = rdata[0];
for (var i = 0; i < rdata.length; i++) {
selectLogDay += '<option value="' + rdata[i] + '">' + rdata[i] + '</option>';
}
if (rdata == "") {
layer.msg("暂无日志记录", { icon: 6, shade: 0.3, time: 1000 });
return
}
layer.open({
type: 1,
title: "日志【" + siteName + "】",
area: ['880px', '500px'],
closeBtn: 2,
shadeClose: false,
content: '<div class="lib-box pd15 lib-box-log">\
<div class="lib-con-title" style="height:40px"><select id="selectLogDay" class="bt-input-text" onchange="siteLogCon(\''+ siteName + '\',this.options[this.options.selectedIndex].value,1)">' + selectLogDay + '</select></div>\
<div class="lib-con">\
<div class="divtable">\
<div id="site_waf_log" style="max-height:400px;overflow:auto;border:#ddd 1px solid">\
<table class="table table-hover" style="border:none;">\
<thead><tr><th width="150">时间</th><th width="120">IP</th><th width="70"></th><th>URI</th><th class="tdhide">User-Agent</th><th width="60"></th><th width="100"></th><th class="tdhide"></th><th width="100" class="text-right"></th></tr></thead>\
<tbody id="LogDayCon"></tbody>\
</table>\
</div>\
</div>\
<div class="page pull-right" id="size_log_page" style="margin-top:10px"></div>\
</div>\
</div>'
});
siteLogCon(siteName, day, 1);
tableFixed("site_waf_log");
});
}
//日志内容
function siteLogCon(siteName, day, page) {
if (!page) page = 1;
var last = page - 1;
var next = page + 1;
var pagehtml = '';
$("#site_waf_log").scrollTop(0);
owPost('get_safe_logs', { siteName: siteName, toDate: day, p: page }, function(data){
var tmp = $.parseJSON(data.data);
if (!tmp.status){
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
return;
}
var rdata = tmp.data;
var con = '';
for (var i = 0; i < rdata.length; i++) {
con += '<tr>\
<td class="td0">'+ escapeHTML(rdata[i][0]) + '</td>\
<td class="td1"><a class="btlink" href="javascript:add_log_ip_black(\''+ escapeHTML(rdata[i][1]) + '\');" title="加入黑名单">' + escapeHTML(rdata[i][1]) + '</a></td>\
<td class="td2">'+ escapeHTML(rdata[i][2]) + '</td>\
<td class="td3"><span class="td3txt">'+ escapeHTML(rdata[i][3]) + '</span></td>\
<td class="tdhide td4">'+ escapeHTML(rdata[i][4]) + '</td><td></td>\
<td class="td5"><span class="filtertext">'+ escapeHTML(rdata[i][5]) + '</span></td>\
<td class="tdhide td6">'+ escapeHTML(rdata[i][6]) + '</td>\
<td class="text-right"><a href="javascript:;" class="btlink submit_msg" data-index="'+ i +'">误报</a> | <a href="javascript:;" class="btlink btwaf_details" data-index="'+ i +'"></a></td>\
</tr>'
}
$("#LogDayCon").html(con);
pagehtml = '<a class="Pstart" onclick="site_log_con(\'' + siteName + '\',\'' + day + '\',1)">首页</a><a class="prevPage" onclick="site_log_con(\'' + siteName + '\',\'' + day + '\',' + last + ')">上一页</a><a class="nextPage" onclick="site_log_con(\'' + siteName + '\',\'' + day + '\',' + next + ')">下一页</a><a class="Pcount">第 ' + page + ' 页</a>';
$("#size_log_page").html(pagehtml);
if (rdata.length < 1) $(".nextPage").hide();
if (last < 1) $(".prevPage").hide();
// 发送误报请求
$(".submit_msg").click(function () {
var _this = $(this);
var res = rdata[$(this).attr('data-index')];
layer.confirm('是否确定提交误报反馈?', { title: '误报反馈',closeBtn:2,icon:3}, function () {
var url_address = res[3];
var rule_arry = res[6].split(" &gt;&gt; ");
var pdata = { url_rule: url_address };
var loadT = layer.msg('正在添加URL白名单..', { icon: 16, time: 0 });
$.post('/plugin?action=a&name=btwaf&s=add_url_white', pdata, function (rdata) {
layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 });
layer.close(loadT);
if (rule_arry[1] != undefined){ $.get('https://www.bt.cn/Api/add_waf_logs?data=' + rule_arry[1],function(rdata){},'jsonp')}
});
});
})
// 详情
$(".btwaf_details").click(function () {
var res = rdata[$(this).attr('data-index')];
var time = res[0]; //时间
var ip_address = res[1]; //IP地址
var req_type = res[2]; // 请求类型
var url_address = res[3]; // 请求类型
var user_agent = res[4]; // 请求类型
var filters = res[5]; //过滤器
var filter_rule = ''; //过滤规则
var rule_arry = res[6].split(" &gt;&gt; ");
var incoming_value = '',risk_value = ''; //传入值,风险值
if(rule_arry.length == 0) filter_rule = rule_arry[0]
incoming_value = rule_arry[1] == undefined?'空':rule_arry[1];
risk_value = incoming_value.match(new RegExp(rule_arry[0].replace(/\//g,'\\/'),'i'));
risk_value = risk_value?risk_value[0]:'空';
layer.open({
type: 1,
title: time + "详情",
area: '600px',
closeBtn: 2,
shadeClose: false,
content: '<div class="pd15 lib-box">\
<table class="table" style="border:#ddd 1px solid; margin-bottom:10px">\
<tbody><tr><th>时间</th><td>'+ escapeHTML(time) + '</td><th>IP</th><td><a class="btlink" href="javascript:add_log_ip_black(\'' + escapeHTML(ip_address) + '\')" title="">' + escapeHTML(ip_address) + '</a></td></tr><tr><th></th><td>' + escapeHTML(req_type) + '</td><th></th><td>' + escapeHTML(filters) + '</td></tr></tbody></table>\
<div><b style="margin-left:10px">URI地址</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(url_address) + '</div></div>\
<div><b style="margin-left:10px">User-Agent</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(user_agent) + '</div></div>\
<div><b style="margin-left:10px">过滤规则</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(rule_arry[0]) + '</div></div>\
<div><b style="margin-left:10px">传入值</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(incoming_value) + '</div></div>\
<div><b style="margin-left:10px">风险值</b></div>\
<div class="lib-con pull-left mt10"><div class="divpre">'+ escapeHTML(risk_value) + '</div></div>\
</div>'
})
})
$("#LogDayCon td").click(function () {
$(this).parents("tr").addClass("active").siblings().removeClass("active");
});
});
}
function html_encode(value) {
return $('<div></div>').html(value).text();
}
function html_decode(value) {
return $('<div></div>').text(value).html();
}
//网站设置
function siteWafConfig(siteName, type) {
if (type == undefined) {
create_2 = layer.open({
type: 1,
title: "网站配置【" + siteName + "】",
area: ['700px', '500px'],
closeBtn: 2,
shadeClose: false,
content: '<div id="s_w_c"></div>'
});
}
var loadT = layer.msg('正在获取网站配置..', { icon: 16, time: 0 });
$.post('/plugin?action=a&name=btwaf&s=get_site_config_byname', { siteName: siteName }, function (rdata) {
nginx_config = rdata;
layer.close(loadT);
var con = '<div class="pd15">\
<div class="lib-con-title">\
<span>网站防火墙开关</span>\
<div class="ssh-item" style="margin-right:20px;">\
<input class="btswitch btswitch-ios" id="closewaf_open" type="checkbox" '+ (rdata.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closewaf_open" onclick="set_site_obj_state(\''+ siteName + '\',\'open\')" style="width:2.4em;height:1.4em;margin-bottom: 0"></label>\
</div>\
</div>\
<div class="lib-con">\
<div class="divtable">\
<table class="table table-hover waftable">\
<thead>\
<tr>\
<th>名称</th>\
<th>描述</th>\
<th width="80">状态</th>\
<th style="text-align: right;">操作</th>\
</tr>\
</thead>\
<tbody>\
<tr>\
<td>CC防御</td>\
<td><font style="color:red;">'+ rdata.cc.cycle + '</font> ,URI <font style="color:red;">' + rdata.cc.limit + '</font> ,IP <font style="color:red;">' + rdata.cc.endtime + '</font> </td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closecc" type="checkbox" '+ (rdata.cc.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closecc" onclick="set_site_obj_state(\''+ siteName + '\',\'cc\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="set_cc_rule('+ rdata.cc.cycle + ',' + rdata.cc.limit + ',' + rdata.cc.endtime + ',\'' + siteName + '\',' + rdata.cc.increase + ')">设置</a></td>\
</tr>\
<tr>\
<td>恶意容忍设置</td>\
<td><font style="color:red;">'+ rdata.retry_cycle + '</font> , <font style="color:red;">' + rdata.retry + '</font> ,IP <font style="color:red;">' + rdata.retry_time + '</font> </td>\
<td style="text-align: left;">&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="set_retry('+ rdata.retry_cycle + ',' + rdata.retry + ',' + rdata.retry_time + ',\'' + siteName + '\')">设置</a></td>\
</tr>\
<tr>\
<td>GET-URI过滤</td>\
<td>'+ rdata.top.get.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closeget" type="checkbox" '+ (rdata.get ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeget" onclick="set_site_obj_state(\''+ siteName + '\',\'get\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="set_site_obj_conf(\''+ siteName + '\',\'url\')">规则</a></td>\
</tr>\
<tr>\
<td>GET-参数过滤</td>\
<td>'+ rdata.top.get.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closeargs" type="checkbox" '+ (rdata.get ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeargs" onclick="set_site_obj_state(\''+ siteName + '\',\'get\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="set_site_obj_conf(\''+ siteName + '\',\'args\')">规则</a></td>\
</tr>\
<tr>\
<td>POST过滤</td>\
<td>'+ rdata.top.post.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closepost" type="checkbox" '+ (rdata.post ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closepost" onclick="set_site_obj_state(\''+ siteName + '\',\'post\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="set_site_obj_conf(\''+ siteName + '\',\'post\')">规则</a></td>\
</tr>\
<tr>\
<td>User-Agent过滤</td>\
<td>'+ rdata.top['user-agent'].ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closeua" type="checkbox" '+ (rdata['user-agent'] ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeua" onclick="set_site_obj_state(\''+ siteName + '\',\'user-agent\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="set_site_obj_conf(\''+ siteName + '\',\'user_agent\')">规则</a></td>\
</tr>\
<tr>\
<td>Cookie过滤</td>\
<td>'+ rdata.top.cookie.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closecookie" type="checkbox" '+ (rdata.cookie ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closecookie" onclick="set_site_obj_state(\''+ siteName + '\',\'cookie\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="set_site_obj_conf(\''+ siteName + '\',\'cookie\')">规则</a></td>\
</tr>\
<tr>\
<td>禁止国外访问</td>\
<td>'+ rdata.top.drop_abroad.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closeabroad" type="checkbox" '+ (rdata.drop_abroad ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeabroad" onclick="set_site_obj_state(\''+ siteName + '\',\'drop_abroad\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="cn_iplist()">设置</a></td>\
</tr>\
<tr>\
<td>常见扫描器</td><td>'+ rdata.top.scan.ps + '</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closescan" type="checkbox" '+ (rdata.scan ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closescan" onclick="set_site_obj_state(\''+ siteName + '\',\'scan\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="scan_rule()">设置</a></td>\
</tr>\
<tr>\
<td>使用CDN</td>\
<td>该站点使用了CDN,启用后方可正确获取客户IP</td>\
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closecdn" type="checkbox" '+ (rdata.cdn ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closecdn" onclick="set_site_obj_state(\''+ siteName + '\',\'cdn\')"></label>\
</div>\
</td>\
<td class="text-right"><a class="btlink" onclick="cdn_header(\''+ siteName + '\')">设置</a></td>\
</tr>\
<tr>\
<td>禁止执行PHP的URL</td>\
<td>禁止在指定URL运行PHP脚本</td>\
<td style="text-align: left;">&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="site_rule_admin(\''+ siteName + '\',\'disable_php_path\')">设置</a></td>\
</tr>\
<tr>\
<td>禁止访问的URL</td>\
<td>禁止访问指定的URL</td>\
<td style="text-align: left;">&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="site_rule_admin(\''+ siteName + '\',\'disable_path\')">设置</a></td>\
</tr>\
<tr>\
<td>禁止扩展名</td>\
<td>禁止访问指定扩展名</td>\
<td style="text-align: left;">&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="site_rule_admin(\''+ siteName + '\',\'disable_ext\')">设置</a></td>\
</tr>\
<tr>\
<td>禁止上传的文件类型</td>\
<td>禁止上传指定的文件类型</td>\
<td style="text-align: left;">&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="site_rule_admin(\''+ siteName + '\',\'disable_upload_ext\')">设置</a></td>\
</tr>\
<tr>\
<td>受保护的URL</td>\
<td>通过自定义参数加密URL地址,参数错误将被拦截</td>\
<td style="text-align: left;">&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="site_url_tell(\''+ siteName + '\')">设置</a></td>\
</tr>\
<tr>\
<td>URL专用过滤</td>\
<td>为特定URL地址设置过滤规则</td>\
<td style="text-align: left;">&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="site_url_rule(\''+ siteName + '\')">设置</a></td>\
</tr>\
<tr>\
<td>敏感文字替换</td>\
<td>替换设置的敏感文字</td>\
<td>&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="body_rule_list(true,\''+ siteName + '\')">设置</a></td>\
</tr>\
<tr>\
<td>CMS专用过滤</td>\
<td>为特定CMS提供的过滤规则</td>\
<td style="text-align: left;">&nbsp;&nbsp;--</td>\
<td class="text-right"><a class="btlink" onclick="site_cms_rule(\''+siteName+'\')">设置</a></td>\
</tr>\
</tbody>\
</table>\
</div>\
</div>\
<ul class="help-info-text c7">\
<li>注意: 此处大部分配置,仅对当前站点有效!</li>\
</ul>\
</div>';
$("#s_w_c").html(con);
});
}
function wafSite(){
owPost('get_site_config', {}, function(data){
@ -900,10 +1251,10 @@ function wafSite(){
<td>\
<div class="ssh-item" style="margin-left:0">\
<input class="btswitch btswitch-ios" id="closeget_'+ i + '" type="checkbox" ' + (v.open ? 'checked' : '') + '>\
<label class="btswitch-btn" for="closeget_'+ i + '" onclick="set_site_obj_state(\'' + v.siteName + '\',\'open\')"></label>\
<label class="btswitch-btn" for="closeget_'+ i + '" onclick="set_site_obj_state(\'' + k + '\',\'open\')"></label>\
</div>\
</td>\
<td class="text-right"><a onclick="site_waf_log(\''+ k + '\')" class="btlink ' + (v.log_size > 0 ? 'dot' : '') + '">日志</a> | <a onclick="site_waf_config(\'' + v.siteName + '\')" class="btlink"></a></td>\
<td class="text-right"><a onclick="siteWafLog(\''+ k + '\')" class="btlink ' + (v.log_size > 0 ? 'dot' : '') + '">日志</a> | <a onclick="siteWafConfig(\'' + k + '\')" class="btlink"></a></td>\
</tr>'
});
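Review bot: The `.submit_msg` handler in siteLogCon sends `rule_arry[1]` (request content captured in the WAF log) to `https://www.bt.cn/Api/add_waf_logs` with the `'jsonp'` data type, which both discloses logged traffic to a third party and runs whatever script that host returns inside the panel page. That call, and the `/plugin?action=a&name=btwaf&s=…` posts here and in siteWafConfig, look carried over from another panel rather than routed through `owPost`; I would drop the external call or make it an explicit opt-in, and at minimum wrap the value in `encodeURIComponent(...)`. In the failure branch, `layer.msg(rdata.msg, …)` runs before `var rdata = tmp.data`, so it throws instead of showing the error; it should read `layer.msg(tmp.msg, { icon: 2 });`. The pager links still call `site_log_con(...)` while the function added here is `siteLogCon`, so paging breaks unless the old name is defined elsewhere. `siteName` and the `rdata[i]` option values are also concatenated into markup and inline `onclick` strings without `escapeHTML`.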

@ -1 +1 @@
{"reqfile_path": "/Users/midoks/Desktop/fwww/server/openresty/nginx/conf/waf/html", "retry": {"retry_time": "180", "is_open_global": "0", "retry": "6", "retry_cycle": "60"}, "log": true, "retry_cycle": 60, "scan": {"status": 444, "ps": "\u8fc7\u6ee4\u5e38\u89c1\u626b\u63cf\u6d4b\u8bd5\u5de5\u5177\u7684\u6e17\u900f\u6d4b\u8bd5", "open": true, "reqfile": ""}, "cc": {"status": 444, "ps": "\u8fc7\u8651CC\u653b\u51fb", "limit": 120, "endtime": 300, "open": true, "reqfile": "", "cycle": 60}, "body_character_string": [], "start_time": 1556095983.425878, "get": {"status": 403, "ps": "\u8fc7\u6ee4uri\u3001uri\u53c2\u6570\u4e2d\u5e38\u89c1sql\u6ce8\u5165\u3001xss\u7b49\u653b\u51fb", "open": true, "reqfile": "get.html"}, "body_regular": [], "log_save": 30, "user-agent": {"status": 403, "ps": "\u901a\u5e38\u7528\u4e8e\u8fc7\u6ee4\u6d4f\u89c8\u5668\u3001\u8718\u86db\u53ca\u4e00\u4e9b\u81ea\u52a8\u626b\u63cf\u5668", "open": true, "reqfile": "user_agent.html"}, "retry_time": 180, "other": {"status": 403, "ps": "\u5176\u5b83\u975e\u901a\u7528\u8fc7\u6ee4", "reqfile": "other.html"}, "cookie": {"status": 403, "ps": "\u8fc7\u6ee4\u5229\u7528Cookie\u53d1\u8d77\u7684\u6e17\u900f\u653b\u51fb", "open": true, "reqfile": "cookie.html"}, "logs_path": "/www/wwwlogs/btwaf", "post": {"status": 403, "ps": "\u8fc7\u6ee4POST\u53c2\u6570\u4e2d\u5e38\u89c1sql\u6ce8\u5165\u3001xss\u7b49\u653b\u51fb", "open": true, "reqfile": "post.html"}, "open": true}
{"reqfile_path": "/Users/midoks/Desktop/fwww/server/openresty/nginx/conf/waf/html", "retry": {"retry_time": "180", "is_open_global": "0", "retry": "6", "retry_cycle": "60"}, "log": true, "retry_cycle": 60, "scan": {"status": 444, "ps": "\u8fc7\u6ee4\u5e38\u89c1\u626b\u63cf\u6d4b\u8bd5\u5de5\u5177\u7684\u6e17\u900f\u6d4b\u8bd5", "open": true, "reqfile": ""}, "cc": {"status": 444, "ps": "\u8fc7\u8651CC\u653b\u51fb", "limit": 120, "endtime": 300, "open": true, "reqfile": "", "cycle": 60}, "body_character_string": [], "start_time": 1556095983.425878, "get": {"status": 403, "ps": "\u8fc7\u6ee4uri\u3001uri\u53c2\u6570\u4e2d\u5e38\u89c1sql\u6ce8\u5165\u3001xss\u7b49\u653b\u51fb", "open": true, "reqfile": "get.html"}, "body_regular": [], "log_save": 30, "user-agent": {"status": 403, "ps": "\u901a\u5e38\u7528\u4e8e\u8fc7\u6ee4\u6d4f\u89c8\u5668\u3001\u8718\u86db\u53ca\u4e00\u4e9b\u81ea\u52a8\u626b\u63cf\u5668", "open": true, "reqfile": "user_agent.html"}, "logs_path": "/www/wwwlogs/btwaf", "other": {"status": 403, "ps": "\u5176\u5b83\u975e\u901a\u7528\u8fc7\u6ee4", "reqfile": "other.html"}, "cookie": {"status": 403, "ps": "\u8fc7\u6ee4\u5229\u7528Cookie\u53d1\u8d77\u7684\u6e17\u900f\u653b\u51fb", "open": true, "reqfile": "cookie.html"}, "retry_time": 180, "post": {"status": 403, "ps": "\u8fc7\u6ee4POST\u53c2\u6570\u4e2d\u5e38\u89c1sql\u6ce8\u5165\u3001xss\u7b49\u653b\u51fb", "open": true, "reqfile": "post.html"}, "open": true}

@ -22,6 +22,14 @@ function tableFixed(name) {
tableName.addEventListener('scroll', scrollHandle);
}
function escapeHTML(a){
a = "" + a;
return a.replace(/&/g, "&amp;").replace(/</g, "&lt;").
replace(/>/g, "&gt;").replace(/"/g, '&quot;').
replace(/'/g,"‘").replace(/\(/g,"&#40;").replace(/\&#60;/g,"&lt;").
replace(/\&#62;/g,"&gt;").replace(/`/g,"&#96;").replace(/=/g,"=");
}
function scrollHandle(e) {
var scrollTop = this.scrollTop;
//this.querySelector('thead').style.transform = 'translateY(' + scrollTop + 'px)';
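Review bot: Three of the replacements in escapeHTML do nothing: `/\&#60;/` and `/\&#62;/` can never match because every `&` has already been rewritten to `&amp;`, and `.replace(/=/g,"=")` substitutes the character for itself. Swapping `'` for the typographic `‘` also changes the data shown to the operator. It appears to be the only thing keeping a value from closing the quoted argument where callers place the output inside `href="javascript:add_log_ip_black('…')"`, since the HTML parser decodes entities before that script runs, and backslashes are left as they are. I would remove the three dead calls and add a comment such as `// HTML text/attribute escaping only; not safe for values placed inside inline JS strings`. Callers should then pass values through `data-` attributes and bound handlers rather than inline script.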
