2.2 KiB
HTTP特征中自定义RequsetHeader为Host时,策略无法生效
| ID | Creation Date | Assignee | Status |
|---|---|---|---|
| OMPUB-914 | 2023-05-10T18:33:06.000+0800 | 刘学利 | 已解决 |
测试环境:https://tsg.bj.internal.geedge.net
在HTTP特征中自定义RequestHeader为Host:dsafes.srtfss.xyz,并生效一个关联的HTTP阻断策略,访问网站http://dsafes.srtfss.xyz,无阻断效果
!screenshot-3.png|thumbnail!
!screenshot-1.png|thumbnail!
!screenshot-2.png|thumbnail!
访问网站有对应的会话日志 !screenshot-4.png|thumbnail!
捕包中有Host:dsafes.srtfss.xyz内容 !screenshot-5.png|thumbnail!
zhangzhihan commented on 2023-05-11T17:16:13.600+0800:
测试了 http://dsafes.srtfss.xyz 这个网址所有的RequestHeader的阻断效果,除 【Upgrade-Insecure-Requests】(值为1无法成功创建对象) 以及 【Host】 外,其余均阻断成功 !screenshot-6.png|thumbnail!
liuxueli commented on 2023-05-12T15:32:35.227+0800:
- 功能端不支持在Request Header中配置HOST和URL,可以在HOST或URL的Filter中单独添加。
Attachments
Attachment: dsafes.srtfss.xyz.pcap
Attachment: screenshot-1.png
Attachment: screenshot-2.png
Attachment: screenshot-3.png
Attachment: screenshot-4.png
Attachment: screenshot-5.png
Attachment: screenshot-6.png
