jiazhizhong/higress
1
0
Fork 0
mirror of https://github.com/alibaba/higress.git synced 2026-06-01 16:47:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix log import (#1957)

Browse Source
This commit is contained in:
澄潭
2025-03-26 20:27:53 +08:00
committed by GitHub
parent f83e66c23b
commit ea0143829d
80 changed files with 339 additions and 402 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
plugins/wasm-go/extensions/waf/wasmplugin/plugin.go
View File

@@ -5,7 +5,6 @@ import (
"strconv"
"strings"
"github.com/alibaba/higress/plugins/wasm-go/pkg/log"
"github.com/alibaba/higress/plugins/wasm-go/pkg/wrapper"
"github.com/corazawaf/coraza/v3"
"github.com/corazawaf/coraza/v3/debuglog"
@@ -32,7 +31,7 @@ type WafConfig struct {
//tx ctypes.Transaction
}
func parseConfig(json gjson.Result, config *WafConfig, log log.Log) error {
func parseConfig(json gjson.Result, config *WafConfig, log wrapper.Log) error {
var secRules []string
var value gjson.Result
value = json.Get("useCRS")
@@ -69,7 +68,7 @@ func parseConfig(json gjson.Result, config *WafConfig, log log.Log) error {
return nil
}
func onHttpRequestHeaders(ctx wrapper.HttpContext, config WafConfig, log log.Log) types.Action {
func onHttpRequestHeaders(ctx wrapper.HttpContext, config WafConfig, log wrapper.Log) types.Action {
ctx.SetContext("skipwaf", false)
if ignoreBody() {
@@ -149,7 +148,7 @@ func onHttpRequestHeaders(ctx wrapper.HttpContext, config WafConfig, log log.Log
return types.ActionContinue
}
func onHttpRequestBody(ctx wrapper.HttpContext, config WafConfig, body []byte, log log.Log) types.Action {
func onHttpRequestBody(ctx wrapper.HttpContext, config WafConfig, body []byte, log wrapper.Log) types.Action {
if ctx.GetContext("interruptionHandled").(bool) {
return types.ActionContinue
}
@@ -201,7 +200,7 @@ func onHttpRequestBody(ctx wrapper.HttpContext, config WafConfig, body []byte, l
return types.ActionContinue
}
func onHttpResponseHeaders(ctx wrapper.HttpContext, config WafConfig, log log.Log) types.Action {
func onHttpResponseHeaders(ctx wrapper.HttpContext, config WafConfig, log wrapper.Log) types.Action {
if ctx.GetContext("skipwaf").(bool) {
return types.ActionContinue
}
@@ -258,7 +257,7 @@ func onHttpResponseHeaders(ctx wrapper.HttpContext, config WafConfig, log log.Lo
return types.ActionContinue
}
func onHttpResponseBody(ctx wrapper.HttpContext, config WafConfig, body []byte, log log.Log) types.Action {
func onHttpResponseBody(ctx wrapper.HttpContext, config WafConfig, body []byte, log wrapper.Log) types.Action {
if ctx.GetContext("interruptionHandled").(bool) {
// At response body phase, proxy-wasm currently relies on emptying the response body as a way of
// interruption the response. See https://github.com/corazawaf/coraza-proxy-wasm/issues/26.
@@ -319,7 +318,7 @@ func onHttpResponseBody(ctx wrapper.HttpContext, config WafConfig, body []byte,
return types.ActionContinue
}
func onHttpStreamDone(ctx wrapper.HttpContext, config WafConfig, log log.Log) {
func onHttpStreamDone(ctx wrapper.HttpContext, config WafConfig, log wrapper.Log) {
if ctx.GetContext("skipwaf").(bool) {
return
}

9
plugins/wasm-go/extensions/waf/wasmplugin/utils.go
View File

@@ -9,7 +9,6 @@ import (
"net"
"strconv"
"github.com/alibaba/higress/plugins/wasm-go/pkg/log"
"github.com/alibaba/higress/plugins/wasm-go/pkg/wrapper"
ctypes "github.com/corazawaf/coraza/v3/types"
"github.com/higress-group/proxy-wasm-go-sdk/proxywasm"
@@ -22,7 +21,7 @@ const replaceResponseBody int = 10
// retrieveAddressInfo retrieves address properties from the proxy
// Expected targets are "source" or "destination"
// Envoy ref: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes#connection-attributes
func retrieveAddressInfo(logger log.Log, target string) (string, int) {
func retrieveAddressInfo(logger wrapper.Log, target string) (string, int) {
var targetIP, targetPortStr string
var targetPort int
targetAddressRaw, err := proxywasm.GetProperty([]string{target, "address"})
@@ -69,7 +68,7 @@ func parsePort(b []byte) (int, error) {
// parseServerName parses :authority pseudo-header in order to retrieve the
// virtual host.
func parseServerName(logger log.Log, authority string) string {
func parseServerName(logger wrapper.Log, authority string) string {
host, _, err := net.SplitHostPort(authority)
if err != nil {
// missing port or bad format
@@ -79,7 +78,7 @@ func parseServerName(logger log.Log, authority string) string {
return host
}
func handleInterruption(ctx wrapper.HttpContext, phase string, interruption *ctypes.Interruption, log log.Log) types.Action {
func handleInterruption(ctx wrapper.HttpContext, phase string, interruption *ctypes.Interruption, log wrapper.Log) types.Action {
if ctx.GetContext("interruptionHandled").(bool) {
// handleInterruption should never be called more than once
panic("Interruption already handled")
@@ -106,7 +105,7 @@ func handleInterruption(ctx wrapper.HttpContext, phase string, interruption *cty
// replaceResponseBodyWhenInterrupted address an interruption raised during phase 4.
// At this phase, response headers are already sent downstream, therefore an interruption
// can not change anymore the status code, but only tweak the response body
func replaceResponseBodyWhenInterrupted(logger log.Log, bodySize int) types.Action {
func replaceResponseBodyWhenInterrupted(logger wrapper.Log, bodySize int) types.Action {
// TODO(M4tteoP): Update response body interruption logic after https://github.com/corazawaf/coraza-proxy-wasm/issues/26
// Currently returns a body filled with null bytes that replaces the sensitive data potentially leaked
err := proxywasm.ReplaceHttpResponseBody(bytes.Repeat([]byte("\x00"), bodySize))