Permalink
Branch: master
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
61 lines (61 sloc) 1.44 KB
urlWhiteList:
- ^/example/index
postBan:
- \w*((\%27)|(\'))((\%6F)|o|(\%4F))((\%72)|r|(\%52))
- ((\%3D)|(=))[^\n]*((\%27)|(\')|(\-\-)|(\%3B)|(;))
- ((\%27)|(\'))union
- exec(\s|\+)+(s|x)p\w+
- ((\%3C)|<)((\%2F)|\/)*[a-z0-9\%]+((\%3E)|>)
- 3cscript
- 2fscript
- <script
- \(.+select
- \+\(
- \+\s+\(
- \%3C\%73\%63\%72\%69\%70\%74
- \%C0\%BC
- \%E0\%80\%BC
urlBan:
- \w*((\%27)|(\'))((\%6F)|o|(\%4F))((\%72)|r|(\%52))
- ((\%3D)|(=))[^\n]*((\%27)|(\')|(\-\-)|(\%3B)|(;))
- ((\%27)|(\'))union
- exec(\s|\+)+(s|x)p\w+
- ((\%3C)|<)((\%2F)|\/)*[a-z0-9\%]+((\%3E)|>)
- \%3C\%73\%63\%72\%69\%70\%74
- ((\%3C)|<)[^\n]+((\%3E)|>)
- onload
- autofocus
- refresh
queryBan:
- ((\%3C)|<)((\%69)|i|(\%49))((\%6D)|m|(\%4D))((\%67)|g|(\%47))[^\n]+((\%3E)|>)
- 'javascript\:'
- img(\%20)+src
- img(\%20)+dynsrc
- img(\%20)+lowsrc
- javascript\%3a
- onload
- onerror
- onclick
- \%22.*-\w
- \%22\%3e\%3c
- \)(%20|)+%3e
- \%5c%\22\%3b
- \%3C\%73\%63\%72\%69\%70\%74
- ((\%3C)|<)[^\n]+((\%3E)|>)
- <svg
- \%3Csvg
- \%C0\%BC
- \%E0\%80\%BC
postFilter:
- name: javascript
description: "Match javascript."
match: 'javascript'
template: '{{ .Match | shuffle }}'
- name: script
description: "script tags"
match: '\<script.*\>'
template: '{{ .Match | shuffle}}'
- name: scriptenc
description: "encoded script tags"
match: '\%3cscript.*\%3e'
template: '{{ .Match | shuffle }}'