weaver_security_custom_rules_sql_20191127.xml
6.94 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
<?xml version="1.0" encoding="UTF-8"?>
<root>
<special-non>
<urls>
<url>
<value>/fna/maintenance/BudgetfeeTypeBrowser.jsp</value>
<params>
<param>
<value>sqlwhere</value>
<rules>
<rule>##CONST:CODE##</rule>
</rules>
</param>
</params>
</url>
<url>
<value>/workflow/html/LayoutOperation.jsp</value>
<params>
<param>
<value>layouttext</value>
<rules>
<rule>##CONST:CODE##</rule>
</rules>
</param>
</params>
</url>
<url>
<value>/mobile/plugin/2/imageFileUpload.jsp</value>
<params>
<param>
<value>uploaddata</value>
<max-length>-1</max-length>
<rules>
<rule>##CONST:CODE##</rule>
</rules>
</param>
</params>
</url>
<url>
<value>/mobilemode/apps/e-cology/email/SaveEmailOperation.jsp</value>
<params>
<param>
<value>mouldtext</value>
<max-length>-1</max-length>
<rules>
<rule>##CONST:CODE##</rule>
</rules>
</param>
</params>
</url>
<url>
<value>/login/RemindLogin.jsp</value>
<params>
<param>
<value>RedirectFile</value>
<rules>
<rule>##CONST:NAMETITLE##</rule>
</rules>
</param>
</params>
</url>
<url>
<value>/docs/docs/UploadDoc.jsp</value>
<params>
<param>
<value>doccontent</value>
<max-length>-1</max-length>
</param>
</params>
</url>
<url>
<value>/voting/groupchatvote/SaveVoting.jsp</value>
<params>
<param>
<is-dynamic-param>0</is-dynamic-param>
<value>enddate</value>
<rules>
<rule>##CONST:NAMETITLE##</rule>
</rules>
</param>
<param>
<is-dynamic-param>0</is-dynamic-param>
<value>endtime</value>
<rules>
<rule>##CONST:NAMETITLE##</rule>
</rules>
</param>
<param>
<is-dynamic-param>0</is-dynamic-param>
<value>finishtime</value>
<rules>
<rule>##CONST:NAMETITLE##</rule>
</rules>
</param>
</params>
</url>
<url>
<value>/workflow/exceldesign/excelUploadCode.jsp</value>
<params>
<param>
<value>str1</value>
<max-length>-1</max-length>
<rules>
<rule>##CONST:CODE##</rule>
</rules>
</param>
</params>
</url>
<url>
<value>__someCommonParamsRule__</value>
<params>
<param>
<value>Referer</value>
<rules>
<rule>##CONST:NAMETITLE##</rule>
</rules>
</param>
<param>
<value>User-Agent</value>
<rules>
<rule>##CONST:NAMETITLE##</rule>
</rules>
</param>
<param>
<value>str1</value>
<max-length>-1</max-length>
<rules>
<rule>##CONST:CODE##</rule>
</rules>
</param>
<param>
<value>Cookie</value>
<rules>
<rule>##CONST:CODE##</rule>
</rules>
</param>
</params>
</url>
<url>
<value>__cookieparamsrule__</value>
<params>
<param>
<is-dynamic-param>0</is-dynamic-param>
<value>Cookie</value>
<rules>
<rule>##CONST:CODE##</rule>
</rules>
</param>
</params>
</url>
<url>
<value>/workflow/search/WFSearchTemp.jsp</value>
<params>
<param>
<value>complete</value>
<rules>
<rule>##CONST:LETTERS##</rule>
</rules>
</param>
</params>
</url>
</urls>
</special-non>
<special-reg>
<urls>
<url>
<value>__someCommonParamsRule__</value>
<params>
<param>
<value>^__multilangpre_itemFieldName_\d{1,5}$</value>
<rules>
<rule>##CONST:NAMETITLE##</rule>
</rules>
</param>
</params>
</url>
<url>
<value>/api/integration/workflowtrigger/getTriggerOperation</value>
<params>
<param>
<value>^outerdetailwhere\d{1,5}$</value>
<rules>
<rule>##CONST:DML##</rule>
</rules>
</param>
</params>
</url>
</urls>
</special-reg>
<need-login-urls>
<url>/contract/</url>
</need-login-urls>
<mobile>
<no-login-urls>
<url>/mobile/plugin/plus/workflow/data/workflowOperation.jsp</url>
<url>/mobilemode/init2.jsp</url>
<url>/mobilemode/H5Check.jsp</url>
<url>/mobilemode/admin/init.jsp</url>
<url>/mobilemode/admin/dialog/scriptlib/ScriptCenter.jsp</url>
<url>/mobilemode/admin/dialog/setup/saveAsTmp.jsp</url>
<url>/mobilemode/admin/version.jsp</url>
<url>/mobilemode/Action.jsp</url>
<url>/mobilemode/admin/dialog/numremind.jsp</url>
<url>/mobilemode/preview.jsp</url>
<url>/mobilemode/init.jsp</url>
<url>/mobilemode/setup/templateChoose.jsp</url>
<url>/mobilemode/setup/saveAsTmp.jsp</url>
<url>/mobilemode/setup/viewUrl.jsp</url>
<url>/mobilemode/appDesigner.jsp</url>
<url>/mobilemode/appModelDesignTree.jsp</url>
<url>/mobilemode/appuidesign2.jsp</url>
<url>/mobilemode/appHomepageCreate.jsp</url>
<url>/mobilemode/appHomepageCopy.jsp</url>
<url>/mobilemode/appHomepageTransform.jsp</url>
<url>/mobilemode/homepageSource.jsp</url>
<url>/mobilemode/listSearchConfig.jsp</url>
<url>/mobilemode/swipeContentEdit.jsp</url>
<url>/mobilemode/scriptlib/ScriptCenter.jsp</url>
<url>/mobilemode/appHomepageViewWrap.jsp</url>
</no-login-urls>
</mobile>
<skip-any-check-list>
<url>/workflow/html/LayoutOperation.jsp</url>
<url>/mobile/plugin/Download.jsp</url>
</skip-any-check-list>
</root>