[Bug] waf's check_white_url() method does not correctly handle the situation where cookie_str may be nil #9097
Description
Contact Information
1Panel Version
v2.0.1
Problem Description
打开waf全局设置后halo-app无法正确添加被管理的站点,并且无拦截记录,通过查看网站错误日志后发现check_white_url()被触发且全部为error级别日志,直到cookie_str为nil后请求被终止,因此出现拦截记录并未记录到任何信息,但请求却被终止的情况。
疑似check_white_url()方法未正确处理cookie_str为nil的情况。
Steps to Reproduce
- 1panel打开waf的全局设置
- 手机端halo-app扫描halo控制台移动端二维码
- 前往1panel查看halo网站的错误日志
The expected correct result
check_white_url()方法正确处理cookie_str为nil的情况,增加异常处理流程。
Related log output
2025/06/15 20:09:52 [error] 231#231: *3091 lua entry thread aborted: runtime error: ./lib/utils.lua:36: attempt to index local 'cookie_str' (a nil value)
stack traceback:
coroutine 0:
./lib/utils.lua: in function 'get_cookie_list'
./lib/lib.lua:1142: in function 'check_white_url'
./lib/lib.lua:1202: in function 'app_rule_check'
./waf.lua:316: in function 'waf'
./waf.lua:338: in main chunk, client: 223.149.232.82, server: www.puresky.top, request: "GET /api/v1alpha1/configmaps/system HTTP/1.1", host: "www.puresky.top"Additional Information
详细的网站错误日志