Release 1.1.1
DongTai-webapi
Feature
- Added sensitive information rule management
HXSecurity/DongTai-webapi#188 - Changed the relationship between the original strategy and hook rules to adapt to the design of sensitive rules HXSecurity/DongTai-webapi#201
- Improved strategy management
HXSecurity/DongTai-webapi#200 - It is now possible to set the CSRF trusted domain name through config.ini HXSecurity/DongTai-webapi#197
Bugfix
- Inconsistent statistics due to multiple versions of the project
HXSecurity/DongTai-webapi#186 - The corresponding strategy was not created at the same time when the dangerous rule was created HXSecurity/DongTai-webapi#190
- Fix the program error when there is a null value HXSecurity/DongTai-webapi#192
- Unreasonable escaping causes the text to display incorrectly HXSecurity/DongTai-webapi#195
- CSRF Failed: Referer checking failed - https://dev-iast.huoxian.cn:1024/taint/search does not match any trusted origins. HXSecurity/DongTai-webapi#197
DongTai-openapi
Feature
- Do not return queue data, when request /api/v1/report/upload with return_queue is 0
- Add scarf tracking pixel
Bugfix
- Fix agent_register register bug
- Fix error conf in action file
DongTai-Engine
Feature:
- Beta version of sensitive information risk detection function released
- Project report supports exporting vulnerability call links
DongTai-Java-Agent
Feature
- The agent register report and heartbeat report are transferred to agent.jar
Bugfix
- Fix custom model hook bug
DongTai-Web
Feature
- Add sensitive information configuration function
- Adjust the existing UI to make it more beautiful
Bugfix
- Adjusted some errors in multilingual translation