diff --git a/data/apps/git-client.yaml b/data/apps/git-client.yaml new file mode 100644 index 00000000..b2964937 --- /dev/null +++ b/data/apps/git-client.yaml @@ -0,0 +1,7 @@ +- name: allow-git-clients + action: ALLOW + expression: + and: + - userAgent.startsWith("git/") || userAgent.contains("libgit") || userAgent.startsWith("go-git") || userAgent.startsWith("JGit/") || userAgent.startsWith("JGit-") + - > + "Git-Protocol" in headers && headers["Git-Protocol"] == "version=2" \ No newline at end of file diff --git a/data/clients/go-get.yaml b/data/clients/go-get.yaml new file mode 100644 index 00000000..ca061e28 --- /dev/null +++ b/data/clients/go-get.yaml @@ -0,0 +1,7 @@ +- name: go-get + action: ALLOW + expression: + and: + - userAgent.startsWith("Go-http-client/") + - '"go-get" in query' + - query["go-get"] == "1" \ No newline at end of file diff --git a/data/common/allow-api-like.yaml b/data/common/allow-api-like.yaml new file mode 100644 index 00000000..50738123 --- /dev/null +++ b/data/common/allow-api-like.yaml @@ -0,0 +1,6 @@ +- name: allow-api-routes + action: ALLOW + expression: + and: + - '!(method == "HEAD" || method == "GET")' + - path.startsWith("/api/") \ No newline at end of file diff --git a/data/common/keep-internet-working.yaml b/data/common/keep-internet-working.yaml index 8270ef4e..d72f5abf 100644 --- a/data/common/keep-internet-working.yaml +++ b/data/common/keep-internet-working.yaml @@ -7,4 +7,7 @@ action: ALLOW - name: robots-txt path_regex: ^/robots.txt$ + action: ALLOW +- name: sitemap + path_regex: ^/sitemap.xml$ action: ALLOW \ No newline at end of file diff --git a/data/common/rfc-violations.yaml b/data/common/rfc-violations.yaml new file mode 100644 index 00000000..77ffe9eb --- /dev/null +++ b/data/common/rfc-violations.yaml @@ -0,0 +1,3 @@ +- name: no-user-agent-string + expression: userAgent == "" + action: DENY \ No newline at end of file diff --git a/data/embed.go b/data/embed.go index ebb2152f..06cf30d3 100644 --- a/data/embed.go +++ b/data/embed.go @@ -3,6 +3,6 @@ package data import "embed" var ( - //go:embed botPolicies.yaml botPolicies.json apps bots common crawlers + //go:embed botPolicies.yaml botPolicies.json apps bots clients common crawlers BotPolicies embed.FS )