diff --git a/plugin/business/pangu-http/src/pangu_http.cpp b/plugin/business/pangu-http/src/pangu_http.cpp index 52e3229..690df06 100644 --- a/plugin/business/pangu-http/src/pangu_http.cpp +++ b/plugin/business/pangu-http/src/pangu_http.cpp @@ -1564,53 +1564,6 @@ void http_replace(const struct tfe_stream * stream, const struct tfe_http_sessio } } -static UNUSED void http_reject(const struct tfe_http_session * session, enum tfe_http_event events, - struct pangu_http_ctx * ctx) -{ - int resp_code = 0; - struct tfe_http_half * response = NULL; - char * page_buff = NULL; - size_t page_size = 0; - - char cont_len_str[16]; - - char *msg = NULL; - struct tfe_http_session * to_write_sess = NULL; - - struct policy_action_param *param = ctx->param; - - resp_code = param->status_code; - msg = param->message; - if (resp_code <= 0){ - TFE_LOG_ERROR(g_pangu_rt->local_logger, "Invalid block rule %d", ctx->enforce_rules[0].config_id); - ctx->action = PG_ACTION_NONE; - return; - } - - if(events & EV_HTTP_RESP_HDR || tfe_http_in_request(events)) - { - to_write_sess = tfe_http_session_allow_write(session); - response = tfe_http_session_response_create(to_write_sess, resp_code); - - template_generate(resp_code, ctx->enforce_rules[0].config_id, msg, &page_buff, &page_size); - tfe_http_std_field_write(response, TFE_HTTP_CONT_TYPE, "text/html; charset=utf-8"); - snprintf(cont_len_str, sizeof(cont_len_str), "%lu", page_size); - tfe_http_std_field_write(response, TFE_HTTP_CONT_LENGTH, cont_len_str); - - tfe_http_half_append_body(response, page_buff, page_size, 0); - tfe_http_half_append_body(response, NULL, 0, 0); - tfe_http_session_response_set(to_write_sess, response); - tfe_http_session_detach(session); - html_free(&page_buff); - } - else - { - to_write_sess = tfe_http_session_allow_write(session); - tfe_http_session_kill(to_write_sess); - } - return; -} - static void http_get_client_id(const struct tfe_stream * stream, char *replace_regex) { const char *sip,*dip,*sport,*dport; @@ -1745,13 +1698,13 @@ error_out: return; } -static void http_block(const struct tfe_http_session * session, enum tfe_http_event events, +static void http_block(const struct tfe_stream * stream, const struct tfe_http_session * session, enum tfe_http_event events, struct pangu_http_ctx * ctx) { int ret = -1; struct tfe_http_half * response = NULL; - char * page_buff = NULL; - size_t page_size = 0; + char * page_buff = NULL; size_t page_size = 0; + size_t rewrite_message_sz=0; char *rewrite_message=NULL; char cont_len_str[16]; @@ -1776,8 +1729,18 @@ static void http_block(const struct tfe_http_session * session, enum tfe_http_ev ret = html_generate(profile_id, message, &page_buff, &page_size); if (ret != 0) { - /*read local configuration**/ - template_generate(resp_code, ctx->enforce_rules[0].config_id, message, &page_buff, &page_size); + rewrite_message_sz = http_decoder_url(stream, message, ctx->enforce_rules[0].config_id, &rewrite_message); + if(rewrite_message_sz>0 && rewrite_message!= NULL) + { + /*read local configuration**/ + template_generate(resp_code, ctx->enforce_rules[0].config_id, rewrite_message, &page_buff, &page_size); + FREE(&rewrite_message); + } + else + { + /*read local configuration**/ + template_generate(resp_code, ctx->enforce_rules[0].config_id, message, &page_buff, &page_size); + } } tfe_http_std_field_write(response, TFE_HTTP_CONT_TYPE, "text/html; charset=utf-8"); snprintf(cont_len_str, sizeof(cont_len_str), "%lu", page_size); @@ -2196,7 +2159,7 @@ static void http_manipulate(const struct tfe_stream * stream, const struct tfe_h http_redirect(stream, session, events, ctx); break; case MA_ACTION_BLOCK: - http_block(session, events, ctx); + http_block(stream, session, events, ctx); break; case MA_ACTION_REPLACE: http_replace(stream, session, events, body_frag, frag_size, ctx); @@ -2378,7 +2341,7 @@ void enforce_control_policy(const struct tfe_stream * stream, const struct tfe_h //send log on close. break; case PG_ACTION_REJECT: - http_block(session, events, ctx); + http_block(stream, session, events, ctx); break; case PG_ACTION_MANIPULATE: http_manipulate(stream, session, events, body_frag, frag_size, ctx);