Public/Safe3-uusec-waf
2
0
Fork 0
mirror of https://github.com/Safe3/uusec-waf.git synced 2025-10-04 06:51:54 +08:00
Code Issues Projects Releases Packages Wiki Activity
Safe3-uusec-waf/rules/boundary-exception-interception.lua
UUSEC Technology e66cca6014 v7.0.0 
### Feature Updates

**Interface & Management**

- Redesigned main program and management interface with improved aesthetics and usability, supports UI language switching (English/Chinese)
- Added Rule Collections functionality: Create custom rule templates for batch configuration
- Introduced whitelist rules that terminate further rule matching upon success
- UUSEC WAF Rules API intelligent suggestions during advanced rule editing:ml-citation
- New plugin management supporting hot-reloaded plugins to extend WAF capabilities

**Protocol & Optimization**

- Supports streaming responses for continuous data push (e.g., LLM stream outputs)
- Enables Host header modification during proxying for upstream service access
- Search engine validation: `waf.searchEngineValid(dns,ip,ua)` prevents high-frequency rules from affecting SEO indexing
- Interception log report generation (HTML/PDF exports)
- Automatic rotation of UUSEC WAF error/access logs to prevent performance issues

**Security & Infrastructure**

- Expanded free SSL certificate support: HTTP-01 & DNS-01 verification across 50+ domain providers
- Customizable advanced WAF settings: HTTP2, GZIP, HTTP Caching, SSL protocols, etc
- Cluster configuration: Manage UUSEC WAF nodes and ML servers via web UI
2025-07-02 09:47:41 +08:00

19 lines
No EOL
695 B
Lua
Raw Permalink Blame History

--[[
Rule name: Boundary exception interception
Filtering stage: Request phase
Threat level: Critical
Rule description: Intercept the abnormal boundary of multipart/form data in the content type header of the request, for example, PHP did not comply with the RFC specification when uploading and parsing the boundary, resulting in incorrect parsing of commas.
--]]
local ct = waf.reqContentType
if ct then
if type(ct) ~= "string" then
return true, "Malform Content-Type", true
elseif waf.contains(ct, "boundary") and (waf.strCounter(ct, "boundary") > 1 or not waf.rgxMatch(ct, "boundary=[0-9A-Za-z\\-]+$", "jo")) then
return true, ct, true
end
end
return false
Reference in a new issue View git blame Copy permalink