midoks
/
mdserver-web
mirror of https://github.com/midoks/mdserver-web
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

up

Browse Source
pull/209/head
midoks 3 years ago
parent 5cb2aefbbc
commit b8b3a237ef
3 changed files with 15 additions and 9 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 5
      plugins/op_waf/index.py
  2. 4
      plugins/op_waf/js/op_waf.js
  3. 15
      plugins/op_waf/t/index.py

5
plugins/op_waf/index.py
Unescape View File

@ -806,7 +806,7 @@ def getLogsList():
return data[1] return data[1]
data = [] data = []
path = mw.getLogsDir() + '/waf' path = getServerDir() + '/logs'
if not os.path.exists(path): if not os.path.exists(path):
return mw.returnJson(False, '还未生成!', []) return mw.returnJson(False, '还未生成!', [])
@ -829,7 +829,8 @@ def getSafeLogs():
if not data[0]: if not data[0]:
return data[1] return data[1]
path = mw.getLogsDir() + '/waf' path = getServerDir() + '/logs'
file = path + '/' + args['siteName'] + '_' + args['toDate'] + '.log' file = path + '/' + args['siteName'] + '_' + args['toDate'] + '.log'
if not os.path.exists(file): if not os.path.exists(file):
return mw.returnJson(False, "文件不存在!") return mw.returnJson(False, "文件不存在!")

4
plugins/op_waf/js/op_waf.js
Unescape View File

@ -826,8 +826,8 @@ function wafScreen(){
<div class="line"><span class="name">Cookie渗透</span><span class="val">'+rdata.rules.cookie+'</span></div>\ <div class="line"><span class="name">Cookie渗透</span><span class="val">'+rdata.rules.cookie+'</span></div>\
<div class="line"><span class="name">恶意扫描</span><span class="val">0</span></div>\ <div class="line"><span class="name">恶意扫描</span><span class="val">0</span></div>\
<div class="line"><span class="name">恶意HEAD请求</span><span class="val">0</span></div>\ <div class="line"><span class="name">恶意HEAD请求</span><span class="val">0</span></div>\
<div class="line"><span class="name">URI自定义拦截</span><span class="val">0</span></div>\ <div class="line"><span class="name">URI自定义拦截</span><span class="val">'+rdata.rules.args+'</span></div>\
<div class="line"><span class="name">URI保护</span><span class="val">0</span></div>\ <div class="line"><span class="name">URI保护</span><span class="val">'+rdata.rules.args+'</span></div>\
<div class="line"><span class="name">恶意文件上传</span><span class="val">0</span></div>\ <div class="line"><span class="name">恶意文件上传</span><span class="val">0</span></div>\
<div class="line"><span class="name">禁止的扩展名</span><span class="val">0</span></div>\ <div class="line"><span class="name">禁止的扩展名</span><span class="val">0</span></div>\
<div class="line"><span class="name">禁止PHP脚本</span><span class="val">0</span></div>\ <div class="line"><span class="name">禁止PHP脚本</span><span class="val">0</span></div>\

15
plugins/op_waf/t/index.py
Unescape View File

@ -7,13 +7,18 @@ import time
import json import json
TEST_URL = "t1.cn" TEST_URL = "http://t1.cn/"
def run(): def run():
print('op lua run ok') url = TEST_URL + '?t=../etc/passwd'
print("args test start")
print("args test end")
def test_start():
if __name__ == "__main__": if __name__ == "__main__":
if len(sys.argv) > 1: test_start()
if action == "run":
run()

Write Preview
Loading…
Cancel
Save