[Suggestion] Custom rule matching targets add Attack Type
Published 2 years ago
# Github Issue
# enhancement
Published 2 years ago
hz157
Updated 2 years ago
0
What would you like to be added or improved?
自定义规则匹配目标增加根据攻击类型匹配,可针对单一攻击类型放行,其他条件组合使用。
Why is it needed?
在线编辑html代码过程中payload可能存在<img src="url"/>等之类的标签,命中XSS特征waf会进行拦截,白名单可针对接口地址及host放行,但这是全类型放行,是否可以增加针对单一攻击类型选择,放行某一攻击类型的请求?
maosite
Admin
Updated 2 years ago
0
disable the xss module?
hz157
Updated 2 years ago
0
disable the xss module?
but i just want to disable one of the path of a web site. Disable the xss module seems to be global?