Commit dbd87ab3 by Joneq

答应header变量

parent c98eab8e
Showing with 7 additions and 5 deletions
...@@ -12,8 +12,9 @@ function _ReM.checkgoogle(red) ...@@ -12,8 +12,9 @@ function _ReM.checkgoogle(red)
ngx.var.host .. ':' .. ngx.var.server_port .. ngx.var.request_uri) ngx.var.host .. ':' .. ngx.var.server_port .. ngx.var.request_uri)
dest = 'http://passport.ichunt.com/static/login.html' .. '?continue=' .. source_url dest = 'http://passport.ichunt.com/static/login.html' .. '?continue=' .. source_url
--新增如果refer不在对应的设置里面,才计算302重定向次数 --新增如果refer不在对应的设置里面,才计算302重定向次数 get_headers里面就是浏览器的请求头小写
if red:sismember('waf_urldesc_limit', ngx.req.get_headers()['referer']) == 0 then if red:sismember('waf_white_refer', ngx.req.get_headers()['referer']) == 0 then
--获取多少时间内同一个ip可以几次302,超过就加入黑名单 --获取多少时间内同一个ip可以几次302,超过就加入黑名单
threezerotwo_second , err = red:get('threezerotwo_second') threezerotwo_second , err = red:get('threezerotwo_second')
......
...@@ -22,6 +22,8 @@ local cjson = require "cjson" ...@@ -22,6 +22,8 @@ local cjson = require "cjson"
-------去除一些不要验证的请求并获取url -------去除一些不要验证的请求并获取url
local urlok,temp_uri = reqhandle.Selfwhiteurl() local urlok,temp_uri = reqhandle.Selfwhiteurl()
...@@ -57,9 +59,8 @@ if config.redis_auth ~= "" and ok then ...@@ -57,9 +59,8 @@ if config.redis_auth ~= "" and ok then
end end
end end
ngx.say(ngx.req.get_headers()['referer'])
ngx.say(red:sismember('waf_urldesc_limit', ngx.req.get_headers()['referer']) == 0)
ngx.exit(ngx.HTTP_FORBIDDEN)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment