恢复百分号替换，增加编码前的百分号替换，注释，需要可自行开启

Author: loveshell

waf.lua

@@ -3,10 +3,13 @@ if  ngx.re.match(ngx.var.request_uri,whitelist,"isjo") then
 elseif ngx.req.get_body_data() and ngx.re.match(ngx.req.get_body_data(),[[^(?!Content-Disposition: form-data;(.*)filename="(.*).(php|jsp|phtml|asp|aspx|cgi)").*$]],"isjo") then
     return
 else
-    if ngx.re.match(ngx.unescape_uri(ngx.var.request_uri),regex.."|"..get,"isjo") then
+    if ngx.re.match(string.gsub(ngx.unescape_uri(ngx.var.request_uri),"\\%",""),regex.."|"..get,"isjo") then
         log('GET',ngx.unescape_uri(ngx.var.request_uri))
         check()
-    elseif ngx.req.get_body_data() and ngx.re.match(ngx.unescape_uri(ngx.req.get_body_data()),regex,"isjo")then
+    --    elseif ngx.re.match(string.gsub(ngx.var.request_uri,"\\%",""),regex.."|"..get,"isjo") then
+--        log('GET',ngx.var.request_uri)
+--        check()
+    elseif ngx.req.get_body_data() and ngx.re.match(string.gsub(ngx.unescape_uri(ngx.req.get_body_data()),"\\%",""),regex,"isjo")then
         log('POST',ngx.unescape_uri(ngx.var.request_uri),ngx.unescape_uri(ngx.req.get_body_data()))
         check()
 --    elseif ngx.req.get_headers()["Cookie"] and ngx.re.match(ngx.unescape_uri(ngx.req.get_headers()["Cookie"]),regex,"isjo")then