diff --git a/plugin/business/pangu-http/src/pangu_http.cpp b/plugin/business/pangu-http/src/pangu_http.cpp index a1ef650..86d6f4f 100644 --- a/plugin/business/pangu-http/src/pangu_http.cpp +++ b/plugin/business/pangu-http/src/pangu_http.cpp @@ -417,17 +417,20 @@ static enum pangu_action decide_ctrl_action(const struct Maat_rule_t * hit_rules for (i = 0; i < n_hit; i++) { - if ((enum pangu_action) hit_rules[i].action == PG_ACTION_MONIT) + unsigned char __expand_action = (unsigned char) hit_rules[i].action; + enum pangu_action __action = (enum pangu_action) __expand_action; + + if (__action == PG_ACTION_MONIT) { memcpy(monit_rule + n_monit, hit_rules + i, sizeof(struct Maat_rule_t)); n_monit++; } - if (action_cmp((enum pangu_action) hit_rules[i].action, prior_action)>0) + if (action_cmp(__action, prior_action) > 0) { prior_rule = hit_rules + i; - prior_action = (enum pangu_action) hit_rules[i].action; + prior_action = __action; } - else if (action_cmp((enum pangu_action) hit_rules[i].action, prior_action) == 0) + else if (action_cmp(__action, prior_action) == 0) { if (hit_rules[i].config_id > prior_rule->config_id) { @@ -456,7 +459,6 @@ static enum pangu_action decide_ctrl_action(const struct Maat_rule_t * hit_rules } *enforce_rules = (struct Maat_rule_t *) realloc(*enforce_rules, sizeof(struct Maat_rule_t) * (*n_enforce)); - if (prior_action == PG_ACTION_MONIT) { memcpy(*enforce_rules + exist_enforce_num, monit_rule, n_monit * sizeof(struct Maat_rule_t)); @@ -847,6 +849,7 @@ enum pangu_action http_scan(const struct tfe_http_session * session, enum tfe_ht } } } + if ((events & EV_HTTP_REQ_BODY_BEGIN) | (events & EV_HTTP_RESP_BODY_BEGIN)) { assert(ctx->sp == NULL); 
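Review bot: The intermediate cast through `unsigned char` at the top of the loop in decide_ctrl_action has no comment saying why it is needed, so a later cleanup could fold it back into a direct cast; presumably `action` is a signed narrow field and values of 0x80 and above were sign-extended before the enum comparison, which would skew the rule-priority decision. I would add `/* go through unsigned char so action values >= 0x80 are not sign-extended */` above it. The names `__expand_action` and `__action` (and the `__out` label added to http_scan later in this diff) contain a double underscore, which is reserved for the implementation; `action_byte` and `action` would do. The value is still not checked against the known enumerators before it reaches `action_cmp`, whose handling of unknown values is not visible here. The loop body and the function continue outside the hunk.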
@@ -854,6 +857,7 @@ enum pangu_action http_scan(const struct tfe_http_session * session, enum tfe_ht ->scan_table_id[PXY_CTRL_HTTP_RES_BODY]; ctx->sp = Maat_stream_scan_string_start(g_pangu_rt->maat, table_id, ctx->thread_id); } + if (body_frag != NULL) { scan_ret = Maat_stream_scan_string(&(ctx->sp), CHARSET_UTF8, (const char *) body_frag, (int) frag_size, @@ -863,6 +867,7 @@ enum pangu_action http_scan(const struct tfe_http_session * session, enum tfe_ht hit_cnt += scan_ret; } } + if ((events & EV_HTTP_REQ_BODY_END) | (events & EV_HTTP_RESP_BODY_END)) { Maat_stream_scan_string_end(&(ctx->sp)); @@ -872,6 +877,8 @@ enum pangu_action http_scan(const struct tfe_http_session * session, enum tfe_ht if (hit_cnt > 0) { ctx->action = decide_ctrl_action(result, hit_cnt, &ctx->enforce_rules, &ctx->n_enforce); + if (ctx->action == PG_ACTION_WHITELIST) goto __out; + size_t __serv_def_len = (size_t)ctx->enforce_rules[0].serv_def_len; ctx->enforce_para = ALLOC(char, __serv_def_len); @@ -895,11 +902,14 @@ enum pangu_action http_scan(const struct tfe_http_session * session, enum tfe_ht } *p = '\0'; + TFE_LOG_INFO(g_pangu_rt->local_logger, "Multiple rules matched: url=%s num=%lu ids=%s execute=%d.", session->req->req_spec.url, hit_cnt, buff, ctx->enforce_rules[0].config_id); } } + +__out: return ctx->action; } void enforce_control_policy(const struct tfe_stream * stream, const struct tfe_http_session * session,
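Review bot: The new `goto __out` on a whitelist hit returns before the `TFE_LOG_INFO` call further down, so when a whitelist rule wins over other matched rules nothing in the visible code records which traffic was exempted; a log outside these hunks may cover it, but none is shown. A policy bypass is worth an audit line of its own, so I would log before jumping, e.g. `TFE_LOG_INFO(g_pangu_rt->local_logger, "Whitelist rule matched: url=%s hits=%lu.", session->req->req_spec.url, hit_cnt);`. The early exit also skips the `ctx->enforce_para = ALLOC(...)` assignment for this call, so code that reads `ctx->enforce_para` later has to tolerate it not being populated for whitelisted sessions; a short comment at the `goto` saying so would help. http_scan starts and ends outside this hunk.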