From e23694e2099fd396f50302b377b5c9da6e73626b Mon Sep 17 00:00:00 2001
From: potatso <bangzhiliang@gmail.com>
Date: Tue, 8 Aug 2023 13:56:46 +0800
Subject: [PATCH] =?UTF-8?q?fixed:=20=E5=A4=9A=E5=8F=82=E6=95=B0=E4=BB=A5?=
 =?UTF-8?q?=E5=8F=8A=E6=97=A0=E5=8F=82=E6=95=B0=E5=A4=84=E7=90=86?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 lib/resty/coraza/request.lua | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/lib/resty/coraza/request.lua b/lib/resty/coraza/request.lua
index c12a153..e2e113a 100644
--- a/lib/resty/coraza/request.lua
+++ b/lib/resty/coraza/request.lua
@@ -26,7 +26,7 @@ function _M.build_and_process_header(transaction)
             for _, value in ipairs(v) do
                 coraza.add_request_header(transaction, k, value)
             end
-        else 
+        else
             coraza.add_request_header(transaction, k, v)
         end
     end
@@ -34,6 +34,7 @@ function _M.build_and_process_header(transaction)
 end
 
 function _M.build_and_process_body(transaction)
+    ngx.req.read_body()
     local req_body = ngx.req.get_body_data()
     if req_body then
         -- TODO: fix code to process multipart/formdata
@@ -49,19 +50,20 @@ end
 function _M.build_and_process_get_args(transaction)
     -- process http get args if has
     local arg = ngx.req.get_uri_args()
-    for k,v in pairs(arg) do
+    for k, v in pairs(arg) do
         if type(v) == "table" then
             nlog(warn_fmt("http get args potentially has HPP!"))
             for _, value in ipairs(v) do
-                coraza.add_get_args(transaction, k, value)
+                if type(value) == "string" then
+                    -- 类似于 test.com?test 有key无value,value为boolean
+                    coraza.add_get_args(transaction, k, value)
+                end
             end
-        else
+        elseif type(v) == "string" then
+            -- 类似于 test.com?test 有key无value,value为boolean
             coraza.add_get_args(transaction, k, v)
         end
     end
 end
 
-return _M
-
-
-
+return _M
\ No newline at end of file