xray icon indicating copy to clipboard operation
xray copied to clipboard
verified publisher icon chaitin

dirscan遇到waf会有误报

Open j4vaovo opened this issue 2 years ago • 1 comments 

GET /.svn/entries HTTP/1.1
Host: www.uc.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0
Accept-Encoding: gzip

HTTP/1.1 200 
Access-Control-Allow-Credentials: true
Bxpunish: 1
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
Date: Thu, 06 Jul 2023 12:30:40 GMT
Eagleeye-Traceid: 2104674b16886466409675374e7a1d
Server: Tengine
Strict-Transport-Security: max-age=31536000
Timing-Allow-Origin: *
Vary: Accept-Encoding


<a id="a-link" href="https://g.alicdn.com/sd/punish/waf_block.html?wh_ttid=pc&uuid=d1a814dfed9952ba57f2dec68f5c062a&origin=https%3A%2F%2Fwww.uc.cn%2F.svn%2Fentries"></a>
<script>
  document.getElementById("a-link").click();

  window._config_ = {
    "action": "block",
    "url": "https://g.alicdn.com/sd/punish/block_h5.html?wh_ttid=pc&uuid=d1a814dfed9952ba57f2dec68f5c062a&origin=https%3A%2F%2Fwww.uc.cn%2F.svn%2Fentries"
  };
</script>
<!--rgv587_flag:sm-->

建议判断下Content-Type是否为text/plain

j4vaovo avatar Jul 14 '23 01:07 j4vaovo

@j4vaovo 收到,计划在新版本中处理

4ra1n avatar Jul 14 '23 03:07 4ra1n