(url)
/**
 * Wraps a WAF label in the positive-detection result shape.
 *
 * @param {string} waf - Label for the matched product (e.g. 'Cloudflare').
 * @returns {{ hasWaf: boolean, waf: string }} Object whose `hasWaf` is always
 *   `true` and whose `waf` is the label, passed through unchanged.
 */
const hasWaf = (waf) => {
  const detection = { hasWaf: true, waf: waf };
  return detection;
};
| 7 | |
| 8 | const firewallHandler = async (url) => { |
| 9 | const { href } = parseTarget(url); |
| 10 | try { |
| 11 | const response = await httpGet(href, { |
| 12 | validateStatus: () => true, |
| 13 | }); |
| 14 | const headers = response.headers; |
| 15 | |
| 16 | if (headers['server'] && headers['server'].includes('cloudflare')) { |
| 17 | return hasWaf('Cloudflare'); |
| 18 | } |
| 19 | |
| 20 | if (headers['x-powered-by'] && headers['x-powered-by'].includes('AWS Lambda')) { |
| 21 | return hasWaf('AWS WAF'); |
| 22 | } |
| 23 | |
| 24 | if (headers['server'] && headers['server'].includes('AkamaiGHost')) { |
| 25 | return hasWaf('Akamai'); |
| 26 | } |
| 27 | |
| 28 | if (headers['server'] && headers['server'].includes('Sucuri')) { |
| 29 | return hasWaf('Sucuri'); |
| 30 | } |
| 31 | |
| 32 | if (headers['server'] && headers['server'].includes('BarracudaWAF')) { |
| 33 | return hasWaf('Barracuda WAF'); |
| 34 | } |
| 35 | |
| 36 | if ( |
| 37 | headers['server'] && |
| 38 | (headers['server'].includes('F5 BIG-IP') || headers['server'].includes('BIG-IP')) |
| 39 | ) { |
| 40 | return hasWaf('F5 BIG-IP'); |
| 41 | } |
| 42 | |
| 43 | if (headers['x-sucuri-id'] || headers['x-sucuri-cache']) { |
| 44 | return hasWaf('Sucuri CloudProxy WAF'); |
| 45 | } |
| 46 | |
| 47 | if (headers['server'] && headers['server'].includes('FortiWeb')) { |
| 48 | return hasWaf('Fortinet FortiWeb WAF'); |
| 49 | } |
| 50 | |
| 51 | if (headers['server'] && headers['server'].includes('Imperva')) { |
| 52 | return hasWaf('Imperva SecureSphere WAF'); |
| 53 | } |
| 54 | |
| 55 | if (headers['x-protected-by'] && headers['x-protected-by'].includes('Sqreen')) { |
| 56 | return hasWaf('Sqreen'); |
| 57 | } |
| 58 | |
| 59 | if (headers['x-waf-event-info']) { |
| 60 | return hasWaf('Reblaze WAF'); |
| 61 | } |
| 62 | |
| 63 | if (headers['set-cookie'] && headers['set-cookie'].includes('_citrix_ns_id')) { |
| 64 | return hasWaf('Citrix NetScaler'); |
| 65 | } |