Skip to content

Commit

Permalink
增加上传后缀名限制
Browse files Browse the repository at this point in the history
  • Loading branch information
@loveshell
loveshell committed Apr 16, 2013
1 parent 8fbd9e7 commit dce9365
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions waf.lua
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
if ngx.re.match(ngx.var.request_uri,whitelist,"isjo") then
return
--elseif ngx.req.get_method()=='POST' and ngx.re.match(ngx.req.get_body_data(),[[^(Content-Disposition: form-data;(.*)filename="(.*).(gif|jpg|jpeg|png|bmp|zip|rar)").*$]],"isjo") then
-- return
else
if ngx.re.match(ngx.unescape_uri(ngx.var.request_uri),regex.."|"..get,"isjo") then
log('GET',ngx.unescape_uri(ngx.var.request_uri))
Expand All @@ -17,6 +15,8 @@ else
elseif ngx.req.get_method()=='POST' and ngx.re.match(ngx.unescape_uri(ngx.req.get_body_data()),regex.."|"..post,"isjo") then
log('POST',ngx.unescape_uri(ngx.var.request_uri),ngx.unescape_uri(ngx.req.get_body_data()))
check()
elseif string.len(filext) >0 and ngx.req.get_body_data() and ngx.re.match(ngx.req.get_body_data(),[[^(Content-Disposition: form-data;(.*)filename="(.*).("..filext..")").*$]],"isjo") then
check()
-- elseif ngx.req.get_headers()["Cookie"] and ngx.re.match(ngx.unescape_uri(ngx.req.get_headers()["Cookie"]),regex,"isjo")then
-- log('COOKIE',ngx.unescape_uri(ngx.var.request_uri),ngx.unescape_uri(ngx.req.get_headers()["Cookie"]))
-- check()
Expand Down

0 comments on commit dce9365

Please sign in to comment.