Couple of fixes for --identify-waf

2025-12-09 14:11:29 +00:00 · 2016-05-27 02:24:59 +02:00
parent 7a2ac23f0b
commit 210b65c02d
5 changed files with 15 additions and 14 deletions
--- a/waf/dotdefender.py
+++ b/waf/dotdefender.py
@@ -13,9 +13,10 @@ def detect(get_page):
    retval = False

    for vector in WAF_ATTACK_VECTORS:
-        _, headers, _ = get_page(get=vector)
-        retVal = headers.get("X-dotDefender-denied", "") == "1"
-        if retVal:
+        page, headers, _ = get_page(get=vector)
+        retval = headers.get("X-dotDefender-denied", "") == "1"
+        retval |= "dotDefender Blocked Your Request" in (page or "")
+        if retval:
            break

    return retval