diff --git a/plugins/op_waf/waf/lua/common.lua b/plugins/op_waf/waf/lua/common.lua index 663224aad..e6b11c50b 100644 --- a/plugins/op_waf/waf/lua/common.lua +++ b/plugins/op_waf/waf/lua/common.lua @@ -378,9 +378,8 @@ function _M.is_ngx_match_orgin(self,rule,match, sign) end -function _M.ngx_match_string(self, rules, content,sign) - - local t = self:is_ngx_match_orgin(rules, content, sign) +function _M.ngx_match_string(self, rule, content,sign) + local t = self:is_ngx_match_orgin(rule, content, sign) if t then return true end @@ -388,6 +387,19 @@ function _M.ngx_match_string(self, rules, content,sign) return false end +function _M.ngx_match_list(self, rules, content) + for i,rule in ipairs(rules) + do + if rule[1] == 1 then + local t = self:is_ngx_match_orgin(rule[2], content, rule[3]) + if t then + return true + end + end + end + return false +end + function _M.is_ngx_match_ua(self, rules, content) -- ngx.header.content_type = "text/html" for i,rule in ipairs(rules) @@ -477,7 +489,7 @@ function _M.write_log(self, name, rule) else ngx.shared.drop_ip:set(ip,1,retry_cycle) end - + if self.config['log'] ~= true or self:is_site_config('log') ~= true then return false end local method = ngx.req.get_method() if error_rule then diff --git a/plugins/op_waf/waf/lua/init.lua b/plugins/op_waf/waf/lua/init.lua index 6a50cbe29..a50ffaf80 100644 --- a/plugins/op_waf/waf/lua/init.lua +++ b/plugins/op_waf/waf/lua/init.lua @@ -553,7 +553,7 @@ function waf_cookie() if not params["request_header"]['cookie'] then return false end if type(params["request_header"]['cookie']) ~= "string" then return false end request_cookie = string.lower(params["request_header"]['cookie']) - if C:is_ngx_match(cookie_rules,request_cookie,'cookie') then + if C:ngx_match_list(cookie_rules,request_cookie,'cookie') then C:write_log('cookie','regular') C:return_html(config['cookie']['status'],cookie_html) return true