增加对referer的访问白名单

3cafd654 · Joneq · da997527 · 3cafd654 · 3cafd654
Commit 3cafd654 authored Jan 14, 2021 by Joneq
Showing with 1 additions and 5 deletions
redirect.lua
waf.lua
--- a/redirect.lua
+++ b/redirect.lua
@@ -17,7 +17,7 @@ function _ReM.checkgoogle(red)
    end

    --新增如果refer不在对应的设置里面，才计算302重定向次数  get_headers里面就是浏览器的请求头小写
-    if red:sismember('ichunt_waf_white_referer', ngx.req.get_headers()['referer']) == 0 then
+    if red:sismember('ichunt_waf_white_referer', ngx.req.get_headers()['referer']) ~= 0 then

        --获取多少时间内同一个ip可以几次302，超过就加入黑名单
        threezerotwo_second , err = red:get('threezerotwo_second')

--- a/waf.lua
+++ b/waf.lua
@@ -64,10 +64,6 @@ if ngx.req.get_headers()['referer'] == nil then
 	ngx.req.get_headers()['referer'] = ""
 end

-ngx.say(ngx.req.get_headers()['referer'])
-ngx.say(red:sismember('ichunt_waf_white_referer', ngx.req.get_headers()['referer']))
-ngx.say(red:sismember('ichunt_waf_white_referer', ngx.req.get_headers()['referer']) == 0)
-ngx.exit(ngx.HTTP_FORBIDDEN)