[Suggestion] Custom rule matching targets add Attack Type #993

hz157 · 2024-07-15T11:51:01Z

What would you like to be added or improved?

自定义规则匹配目标增加根据攻击类型匹配，可针对单一攻击类型放行，其他条件组合使用。

Why is it needed?

在线编辑html代码过程中payload可能存在<img src="url"/>等之类的标签，命中XSS特征waf会进行拦截，白名单可针对接口地址及host放行，但这是全类型放行，是否可以增加针对单一攻击类型选择，放行某一攻击类型的请求？

The text was updated successfully, but these errors were encountered:

safe1ine · 2024-07-16T02:07:25Z

disable the xss module?

hz157 · 2024-07-16T07:25:24Z

disable the xss module?

but i just want to disable one of the path of a web site. Disable the xss module seems to be global?

safe1ine changed the title ~~[Suggestion] 自定义规则匹配目标增加根据攻击类型匹配~~ [Suggestion] Custom rule matching targets add matching based on attack type Jul 16, 2024

Lorna0 changed the title ~~[Suggestion] Custom rule matching targets add matching based on attack type~~ [Suggestion] Custom rule matching targets add attack type Jul 16, 2024

Lorna0 changed the title ~~[Suggestion] Custom rule matching targets add attack type~~ [Suggestion] Custom rule matching targets add Attack Type Jul 18, 2024

Lorna0 added the enhancement New feature or request label Jul 30, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Suggestion] Custom rule matching targets add Attack Type #993

[Suggestion] Custom rule matching targets add Attack Type #993

hz157 commented Jul 15, 2024 •

edited

Loading

safe1ine commented Jul 16, 2024

hz157 commented Jul 16, 2024

[Suggestion] Custom rule matching targets add Attack Type #993

[Suggestion] Custom rule matching targets add Attack Type #993

Comments

hz157 commented Jul 15, 2024 • edited Loading

What would you like to be added or improved?

Why is it needed?

safe1ine commented Jul 16, 2024

hz157 commented Jul 16, 2024

hz157 commented Jul 15, 2024 •

edited

Loading