From 573ba91483b9ea7b0a387cff7d4f21c58d1ac15b Mon Sep 17 00:00:00 2001 From: potatso Date: Tue, 4 Jul 2023 14:14:29 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E6=96=B0=E5=A2=9Eapisix=E5=8A=A8?= =?UTF-8?q?=E6=80=81=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/apisix-coraza.lua | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/lib/apisix-coraza.lua b/lib/apisix-coraza.lua index ccd30be..340741d 100644 --- a/lib/apisix-coraza.lua +++ b/lib/apisix-coraza.lua @@ -23,14 +23,24 @@ local coraza = require "resty.coraza" local schema = { type = "object", properties = { - body = { - description = "coraza waf plugins.", + Mode = { + description = "waf running at block mode or monitor mode", type = "string" }, + Rules = { + type = "array", + items = { + type = "string", + minLength = 1, + maxLength = 4096, + }, + uniqueItems = true + }, }, - required = {"body"}, + required = {"Mode"}, } + local plugin_name = "apisix-coraza" local _M = { @@ -41,7 +51,10 @@ local _M = { } function _M.check_schema(conf) - core.log.error("check coraza schema") + core.log.info("check coraza schema") + for i, rule in ipairs(conf.Rules) do + coraza.rules_add(rule) + end return core.schema.check(schema, conf) end @@ -49,7 +62,6 @@ function _M.init() -- call this function when plugin is loaded core_log.info("coraza init") coraza.do_init() - coraza.rules_add([[SecRule REQUEST_HEADERS:User-Agent "Mozilla" "phase:1, id:3,drop,status:452,log,msg:'Blocked User-Agent'"]]) end function _M.access(conf, ctx)