[GitHub] [apisix] 840963657 commented on issue #7467: feat:As a user, I don't think allowlist and denylist of ua-restriction can be enabled at the same time

GitBox Fri, 15 Jul 2022 02:14:50 -0700


840963657 commented on issue #7467:
URL: https://github.com/apache/apisix/issues/7467#issuecomment-1185346991


   Another problem: If I only configure allowlist , User-Agent is not on 
allowlist will also be released.
   
   this code in apisix/plugins/ua-restriction.lua
   `
   local MATCH_NONE = 0
   local MATCH_ALLOW = 1
   local MATCH_DENY = 2
   ......
   if match > MATCH_ALLOW then
           return 403, { message = conf.message }
       end
   `
   
   I looked at the code, If User-Agent on allowlist, the value of **match** 
becomes MATCH_ALLOW.   If User-Agent not on allowlist, the value of **match** 
is MATCH_NONE. 
   So I think the allowlist is meaningless.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

[GitHub] [apisix] 840963657 commented on issue #7467: feat:As a user, I don't think allowlist and denylist of ua-restriction can be enabled at the same time

Reply via email to