k4n5ha0 issues

Results 42 issues of


                                            k4n5ha0

### 问题描述 https://github.com/alibaba/fastjson2/wiki/fastjson2_autotype_cn 以上wiki中描述： 1）显式打开后，会经过内置黑名单过滤。该黑名单能拦截大部分常见风险 2）当打开AutoTypeSupport，虽然内置了一个比较广泛的黑名单但是下面这个commit中已经删掉了黑名单： https://github.com/alibaba/fastjson2/commit/f7d91ae3d003f185151feea380f9319df2610c17 ### 期待的正确结果 https://github.com/alibaba/fastjson2/wiki/fastjson2_autotype_cn 以上wiki中描述中黑名单的部分和代码实际应一致

bug

更新文件名末尾加斜杠或反斜杠的技巧

防止文件名最后的字符为斜杠或反斜杠的绕过技巧 ![image](https://user-images.githubusercontent.com/22064977/210476873-4521e3a9-b487-4929-91a7-c79fff5b4259.png) 正则修改后的测试结果 ![image](https://user-images.githubusercontent.com/22064977/210476511-96b3ebfe-67a5-47d8-99ed-0ee784d32af4.png)

add a tag like #{} ${} reopen! i have a new idea!

Hi! i am a web security engineer. With my communicate, my colleagues accepted use #{} is safe. If don't check code very carefully, useing ${} wil be create a sql...

Code update request

the old repo: https://github.com/client9/libinjection isn't update any more. Can you update libinjection code from https://github.com/libinjection/libinjection thx :-)

Add two new security verification functions to achieve flexible use of security verification

## Summary Two new functions are expected, isSqli and isXss，functions with no log but more speed ### Basic example ``` cfg := coraza.NewWAFConfig(). WithRootFS(coreruleset.FS). WithDirectives("Include @coraza.conf-recommended"). WithDirectivesFromFile("@owasp_crs/REQUEST*.conf") waf, err :=...

k4n5ha0

Update application.properties

为了兼容反向代理将绝对路径改为uri

[BUG] wiki描述有误

更新文件名末尾加斜杠或反斜杠的技巧

add a tag like #{} ${} reopen! i have a new idea!

Code update request

Add two new security verification functions to achieve flexible use of security verification

Signed-off-by: 国产大熊猫 <[email protected]>

a bad case

question：