marcel/zoraxy
1
0
Fork 0
mirror of https://github.com/tobychui/zoraxy.git synced 2025-11-19 15:24:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fixed #886

Browse Source 
- Added well-known to exception for exploit checks
This commit is contained in:
Toby Chui
2025-11-10 21:53:54 +08:00
parent ddf43e3059
commit 480923565e
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/mod/dynamicproxy/exploits/exploits.go
View File

@@ -19,6 +19,7 @@ import (
_ "embed" _ "embed"
"net/http" "net/http"
"regexp" "regexp"
"strings"
agents "github.com/monperrus/crawler-user-agents" agents "github.com/monperrus/crawler-user-agents"
) )
@@ -50,6 +51,10 @@ func NewExploitDetector(CheckCommonExploits bool, CheckAiBots bool, ExploitRespT
// CheckIsAttack checks if the request is an attack based on common exploits // CheckIsAttack checks if the request is an attack based on common exploits
// return true if the request is handled // return true if the request is handled
func (d *Detector) CheckIsAttack(w http.ResponseWriter, r *http.Request) bool { func (d *Detector) CheckIsAttack(w http.ResponseWriter, r *http.Request) bool {
path := r.URL.Path
if strings.HasPrefix(path, "/.well-known/") {
return false
}
if d.CheckCommonExploits && d.RequestContainCommonExploits(r) { if d.CheckCommonExploits && d.RequestContainCommonExploits(r) {
return d.handleExploitResponse(w, r, d.ExploitRespType) return d.handleExploitResponse(w, r, d.ExploitRespType)
} }