误报提交入口

URL关键词，提交误拦截

url关键词拦截，误拦截

POST /api/auth/update/download-file HTTP/1.1
host: fbbshop.fubaobao.vip
content-type: application/x-www-form-urlencoded;charset=UTF-8
sec-ch-ua-mobile: ?0
x-requested-with: XMLHttpRequest
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-length: 9
origin: https://fbbshop.fubaobao.vip
accept: application/json, text/plain, */*
version: 6.1.6
accept-encoding: gzip, deflate, br, zstd
accept-language: zh-CN,zh;q=0.9

请处理一下，这个是我们一个程序的 更新，然后每次更新都会被CC封锁，

根本就没人机验证跳出来过，直接就给封了

看记录是智能cc封的，一点不智能啊

yoer 发表于 2024-7-21 18:13
根本就没人机验证跳出来过，直接就给封了

看记录是智能cc封的，一点不智能啊 ...

现在人机验证改成无感知的了。

GET /web/index.php?c=site&a=entry&i=3&op=list&do=region&m=rhinfo_zyxq&page=1 HTTP/1.1
sec-fetch-site: same-origin
accept-language: zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6
host: WWW.XXXXX.COM
accept-encoding: gzip, deflate, br
cookie: PHPSESSID=c091ad56f3b71997086f5bd1cb3e955b; 3427___iscontroller=0; 3427___uniacid=3; 3427_jsMenuScroll=; 3427___lastvisit_1=3%2Chttps%3A//WWW.XXXXX.COM/web/index.php%3Fd%3Dsite%26b%3Dentry%26op%3Dadd%26category%3D1%26ac%3Dcategory%26plugin_name%3Drhinfo_zyxq%26pid%3D3%26rid%3D18%26type%3D2%26c%3Dsite%26do%3Dcategory%26a%3Dentry%26module_name%3Drhinfo_zyxq; 3427___session=cf8bacl69Hh2z9%2BMZfhAHnaJDS7PxTY4PAn14kZXv%2BA2kx%2BZY%2F2RSR8XHhVZCroRiwr5ftRR2Ul8Umr%2FCS4nmlCxby4lwcawh%2F1VDw4ntbS7Zdm9B8xZ6o0Xw10uc%2BWEOVWLiLqbuVH%2BOCT01zN4vvX6YHZEbVhrsUGS5CASgqUrZ8rgg7JXtiMjAMZYe9%2BaVA; 3427___notice=1721978106
upgrade-insecure-requests: 1
sec-ch-ua: "Not/A)Brand";v="8", "Chromium";v="126", "Microsoft Edge";v="126"
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-ch-ua-mobile: ?0
priority: u=0, i
sec-ch-ua-platform: "Windows"
referer: https://WWW.XXXXX.COM/web/index.php?c=site&a=entry&i=3&op=list&do=region&m=rhinfo_zyxq&page=2
sec-fetch-dest: iframe
sec-fetch-mode: navigate
sec-fetch-user: ?1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Edg/126.0.0.0

1499479702cois 发表于 2024-7-26 09:08
GET /web/index.php?c=site&a=entry&i=3&op=list&do=region&m=rhinfo_zyxq&page=1 HTTP/1.1
sec-fetch-s ...

这个就是触发了CC设置的阈值

app上传误报

User-Agent

UnityPlayer/2020.3.37f1c1 (UnityWebRequest/1.0, libcurl/7.80.0-DEV)

用unity开发的APP，上传请求会被拦截如下图，麻烦更新下规则误报

这个接口是开放给第三方支付平台回调使用的，被误报了拦截。现在不想把接口地址加白名单，是否有其他方案处理这个误报的规则?(对方的IP地址也不是固定的)

1. GET /provision/custom/content?id=689&key=snapshot HTTP/1.1
   
2. accept: */*
   
3. host: ***
   
4. remote-host: ***
   
5. sec-fetch-dest: empty
   
6. sec-fetch-site: same-origin
   
7. x-forwarded-for: ***, 127.0.0.1
   
8. cookie: ***
   
9. x-real-ip: ***
   
10. referer: https://***/servicedetail?id=689
    
11. x-requested-with: XMLHttpRequest
    
12. priority: u=1, i
    
13. accept-language: zh,en;q=0.9,zh-CN;q=0.8,zh-TW;q=0.7
    
14. sec-fetch-mode: cors
    
15. sec-ch-ua-mobile: ?0
    
16. sec-ch-ua-platform: "Windows"
    
17. sec-ch-ua: "Not)A;Brand";v="99", "Google Chrome";v="127", "Chromium";v="127"
    
18. user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
    
19. 
    

复制代码

误报

1. POST /administrator/index.php?option=com_content&layout=edit&id=1 HTTP/1.1
   
2. priority: u=0, i
   
3. sec-ch-ua: "Not)A;Brand";v="99", "Microsoft Edge";v="127", "Chromium";v="127"
   
4. sec-ch-ua-mobile: ?0
   
5. content-type: application/x-www-form-urlencoded
   
6. sec-ch-ua-platform: "Windows"
   
7. content-length: 84889
   
8. host: nind.cn
   
9. upgrade-insecure-requests: 1
   
10. origin: https://nind.cn
    
11. accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    
12. referer: https://nind.cn/administrator/index.php?option=com_content&view=article&layout=edit&id=1
    
13. accept-encoding: gzip, deflate, br, zstd
    
14. accept-language: zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6
    
15. sec-fetch-site: same-origin
    
16. cookie: osColorScheme=light; atumSidebarState=open; 869769c0f455b4635e7e16fafd83eeb6=u7dt3t7uir69shceovcaab5ek8; 42790eed1b39391a9eeb3ee513d0cfa9=db083knuud1kbued6ev1o02f50
    
17. sec-fetch-mode: navigate
    
18. user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Edg/127.0.0.0
    
19. cache-control: max-age=0
    
20. sec-fetch-user: ?1
    
21. sec-fetch-dest: document
    
22. 
    
23. jform%5Btitle%5D=Home&jform%5Balias%5D=home&jform%5Barticletext%5D=++++%3Cvideo+src%3D%22images%2Fyootheme%2Fhome-hero.mp4%22+poster%3D%22%22%3E%3C%2Fvideo%3E%0D%0A%3Ch1%3EQuantum%3Cbr%3EFlares%3C%2Fh1%3E%0D%0A%3Ch1%3EQuan%26shy%3Btum%3Cbr%3EFla%26shy%3Bres%3C%2Fh1%3E%0D%0A%3Cdiv%3E%281%29%3C%2Fdiv%3E%0D%0A%3Cdiv%3ELorem+ipsum+dolor+sit+amet%2C+consetetur+sadipscing+elitr%2C+sed+diam+nonumy+eirmod+tempor+invidunt+ut+labore+et+dolore+magna+aliquyam+erat%2C+sed+diam+voluptua.+At+vero+eos+et+accusam+et+justo+duo%3C%2Fdiv%3E%0D%0A%3Cimg+src%3D%22images%2Fyootheme%2Fhome-.......太长贴不出来

复制代码

post值以 select 开头，会误拦截