diff --git a/plugins/op_waf/waf/lua/init.lua b/plugins/op_waf/waf/lua/init.lua
index db0797235..60e91047e 100644
--- a/plugins/op_waf/waf/lua/init.lua
+++ b/plugins/op_waf/waf/lua/init.lua
@@ -46,8 +46,6 @@ local user_agent_html = C:read_file_body(config["reqfile_path"] .. '/' .. config
 local args_rules = C:read_file_table('args')
 local ip_white_rules = C:read_file('ip_white')
 local ip_black_rules = C:read_file('ip_black')
-local url_white_rules = C:read_file('url_white')
-local url_black_rules = C:read_file('url_black')
 local scan_black_rules = C:read_file('scan_black')
 
 function waf_args()
@@ -214,14 +212,13 @@ function waf_post()
     content_length = tonumber(params["request_header"]['content-length'])
     max_len = 640 * 1020000
     if content_length > max_len then return false end
-    if get_boundary() then return false end
+    if C:get_boundary() then return false end
     ngx.req.read_body()
     request_args = ngx.req.get_post_args()
     if not request_args then
         return false
     end
 
-    --return return_message(200,request_args)
     if C:is_ngx_match(post_rules,request_args,'post') then
         C:write_log('post','regular')
         C:return_html(config['post']['status'],post_html)
@@ -233,7 +230,7 @@ end
 
 function  post_data_chekc()
     if params['method'] =="POST" then
-        if return_post_data() then return false end
+        if C:return_post_data() then return false end
         request_args = ngx.req.get_post_args()
         if not request_args then return false end
         if not request_header['Content-Type'] then return false end
@@ -429,7 +426,30 @@ function post_data()
     return false
 end
 
-ngx.header.content_type = "text/html"
+function waf_cookie()
+    if not config['cookie']['open'] or not C:is_site_config('cookie') then return false end
+    if not params["request_header"]['cookie'] then return false end
+    if type(params["request_header"]['cookie']) ~= "string" then return false end
+    request_cookie = string.lower(params["request_header"]['cookie'])
+    if C:is_ngx_match(cookie_rules,request_cookie,'cookie') then
+        C:write_log('cookie','regular')
+        C:return_html(config['cookie']['status'],cookie_html)
+        return true
+    end
+    return false
+end
+
+function waf_referer()
+    if params["method"] ~= "GET" then return false end
+    if not config['get']['open'] or not C:is_site_config('get') then return false end
+    if C:is_ngx_match(referer_local,params["request_header"]['Referer'],'args') then
+        C:write_log('get_referer','regular')
+        C:return_html(config['get']['status'], get_html)
+        return true
+    end
+    return false
+end
+
 function waf()
 
     if waf_ip_white() then return true end
@@ -442,15 +462,13 @@ function waf()
     waf_url()
 
     if params["method"] == "GET" then
-        -- waf_referer()  
-        -- waf_cookie()
+        waf_referer()  
+        waf_cookie()
     end
 
-
     if params["method"] == "POST" then
-        -- ngx.req.read_body()
-        -- request_args111 = ngx.req.get_post_args()
-        -- waf_cookie()
+        waf_referer()
+        waf_cookie()
     end
 
     waf_args()