Some WAF errors now result in 500 errors instead of crashing the server.

This commit is contained in:
Dorian Niemiec 2024-01-22 21:03:21 +01:00
parent 577078bee1
commit 9dcdaffba5

View file

@ -102,7 +102,7 @@ Mod.prototype.callback = function callback(req, res, serverconsole, responseEnd,
logm[req.socket.remoteAddress] = serverconsole; logm[req.socket.remoteAddress] = serverconsole;
if(!logm[req.socket.remoteAddress].locwarnmessage) logm[req.socket.remoteAddress].locwarnmessage = logm[req.socket.remoteAddress].errmessage; if(!logm[req.socket.remoteAddress].locwarnmessage) logm[req.socket.remoteAddress].locwarnmessage = logm[req.socket.remoteAddress].errmessage;
//REQ.BODY //req.body
function readableHandler() { function readableHandler() {
try { try {
if(req._readableState.buffer.head !== null) { if(req._readableState.buffer.head !== null) {
@ -113,11 +113,12 @@ Mod.prototype.callback = function callback(req, res, serverconsole, responseEnd,
} catch (ex) { } catch (ex) {
} }
//EASYWAF //EasyWaf
try {
easyWaf(req, res, function() { easyWaf(req, res, function() {
if (((href == "/easywaf-config.json" || (os.platform() == "win32" && href.toLowerCase() == "/easywaf-config.json")) || (href == "/easywaf-hooks.js" || (os.platform() == "win32" && href.toLowerCase() == "/easywaf-hooks.js"))) && __dirname == process.cwd()) { if (((href == "/easywaf-config.json" || (os.platform() == "win32" && href.toLowerCase() == "/easywaf-config.json")) || (href == "/easywaf-hooks.js" || (os.platform() == "win32" && href.toLowerCase() == "/easywaf-hooks.js"))) && __dirname == process.cwd()) {
if (callServerError) { if (callServerError) {
callServerError(403, "easy-waf-integration/1.2.1"); callServerError(403, "easy-waf-integration/1.2.2");
} else { } else {
res.writeHead(403, "Forbidden", { res.writeHead(403, "Forbidden", {
"Server": "SVR.JS", "Server": "SVR.JS",
@ -130,7 +131,7 @@ Mod.prototype.callback = function callback(req, res, serverconsole, responseEnd,
elseCallback(); elseCallback();
} catch (ex) { } catch (ex) {
if (callServerError) { if (callServerError) {
callServerError(500, "easy-waf-integration/1.2.1", ex); callServerError(500, "easy-waf-integration/1.2.2", ex);
} else { } else {
res.writeHead(500, "Internal Server Error", { res.writeHead(500, "Internal Server Error", {
"Server": "SVR.JS", "Server": "SVR.JS",
@ -141,6 +142,17 @@ Mod.prototype.callback = function callback(req, res, serverconsole, responseEnd,
} }
} }
}); });
} catch(ex) {
if (callServerError) {
callServerError(500, "easy-waf-integration/1.2.2", ex);
} else {
res.writeHead(500, "Internal Server Error", {
"Server": "SVR.JS",
"Content-Type": "text/plain"
});
res.end(ex.stack);
}
}
} }
if(req._readableState.length > 0 || req._readableState.ended) { if(req._readableState.length > 0 || req._readableState.ended) {
readableHandler(); readableHandler();