Conditions related to file upload
Currently OpenResty Edge provides 3 conditions related to file upload.
Check if the file extension matches
This condition can detect the extension of the uploaded file, which can be used to implement the blacklist or whitelist of the file extension.
It should be noted that since multiple files may be uploaded in one HTTP request, the “variable” in the condition is an array. Take the above picture as an example: if any file extension contains php
, the result of condition is true.
By default, OpenResty Edge will only return the file extension of the first file.
You can specify the content length of the uploaed file and the number of files through Set uploaded file arguments.
Check if the file content matches
This condition detects uploaded file content and is typically used for Web Shell detection. It should be noted that since multiple files may be uploaded in one HTTP request, the “variable” in the condition is an array. Take the above picture as an example: if any file contains malicious, the result of condition is true. By default, OpenResty Edge will only return the first 1MB of the first file.
You can specify the cached file content length and number of files by Set uploaded file arguments.
Check if the file extension matches the file content
This condition is used to determine whether the uploaded file extension matches the file content. If all file extensions match the file content, it is true; if any file content does not match the file extension, it is false. For the current file types that OpenResty Edge can recognize, see: Recognized upload file types.