waf测试命令,可以一键测试WAF



温馨提示,禁止在本网站上运行,否则会被封禁

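// ========== WAF防护效果一键测试(优化增强版) ==========
// Browser-console script. It sends a fixed set of attack-shaped query strings
// to the CURRENT origin (same-origin fetch, so the page's cookies go along) and
// reports which requests the WAF blocked. Only run it against a site you own or
// are authorised to test. A handle is left on `globalThis.wafCheck` so the run
// can be repeated or customised: `wafCheck.run({ cases, delayMs, timeoutMs })`.
(function () {
  'use strict';

  /**
   * Default probes. Each payload is a query string appended to the page's
   * origin, so every request stays on the site that is currently open.
   */
  const DEFAULT_CASES = Object.freeze([
    { name: 'SQL注入-1', payload: "?id=1' OR '1'='1" },
    { name: 'SQL注入-2', payload: "?id=1; DROP TABLE users--" },
    { name: 'SQL注入-3', payload: "?id=1 UNION SELECT * FROM users" },
    { name: 'XSS-1', payload: "?q=<script>alert(1)</script>" },
    { name: 'XSS-2', payload: "?name=<img src=x onerror=alert(1)>" },
    { name: '路径遍历-1', payload: "?file=../../../etc/passwd" },
    { name: '路径遍历-2', payload: "?path=..\\..\\..\\windows\\win.ini" },
    { name: '命令注入-1', payload: "?cmd=; ls -la" },
    { name: '命令注入-2', payload: "?cmd=| cat /etc/passwd" },
    { name: '恶意扫描', payload: "?page=../../../../etc/passwd%00" },
  ]);

  // Status codes counted as "blocked". 403/406/503 are the usual WAF block
  // responses; 405 was in the original list and is kept for compatibility;
  // 429 is rate limiting, which this test's own burst of requests may trigger
  // regardless of the payload. Two blind spots of status-only detection:
  // a WAF that serves its block page with HTTP 200 is reported as "not
  // blocked", and one that drops or resets the connection shows up as a
  // timeout/error (reported separately as "undetermined" below).
  const BLOCK_STATUSES = new Set([403, 405, 406, 429, 503]);

  /**
   * @param {number} status - HTTP response status.
   * @returns {boolean} true when the status is one of BLOCK_STATUSES.
   */
  function isBlockedStatus(status) {
    return BLOCK_STATUSES.has(status);
  }

  /**
   * Aggregate per-probe outcomes into counts and a verdict.
   * @param {Array<'blocked'|'passed'|'undetermined'>} outcomes
   * @returns {{total: number, blocked: number, passed: number, undetermined: number,
   *            rate: number, verdict: 'none'|'perfect'|'partial'|'weak'}}
   *   `rate` is blocked/total in percent. Undetermined probes (timeouts, network
   *   errors) count in `total` but not in `blocked`, so a WAF that silently drops
   *   connections scores low here — read `undetermined` before trusting `rate`.
   */
  function summarize(outcomes) {
    const total = outcomes.length;
    const blocked = outcomes.filter((o) => o === 'blocked').length;
    const passed = outcomes.filter((o) => o === 'passed').length;
    const undetermined = total - blocked - passed;
    if (total === 0) {
      // Guard the division below; an empty case list is not a "perfect" WAF.
      return { total, blocked, passed, undetermined, rate: 0, verdict: 'none' };
    }
    const rate = (blocked / total) * 100;
    let verdict = 'weak';
    if (blocked === total) {
      verdict = 'perfect';
    } else if (blocked / total >= 0.8) {
      verdict = 'partial';
    }
    return { total, blocked, passed, undetermined, rate, verdict };
  }

  /**
   * Print the summary returned by summarize() to the console.
   * @param {ReturnType<typeof summarize>} summary
   */
  function printSummary(summary) {
    console.log('\n%c=== 测试结果汇总 ===', 'color: blue; font-size: 14px');
    console.log(`总测试数: ${summary.total}`);
    console.log(`被阻断数: ${summary.blocked}`);
    console.log(`未阻断数: ${summary.passed}`);
    console.log(`超时/异常数: ${summary.undetermined}`);
    console.log(`阻断率: ${summary.rate.toFixed(2)}%`);

    switch (summary.verdict) {
      case 'perfect':
        console.log('%c✅ WAF防护完美!所有攻击已拦截', 'color: green; font-weight: bold');
        break;
      case 'partial':
        console.log('%c⚠️ WAF存在异常', 'color: orange; font-weight: bold');
        break;
      case 'none':
        console.log('%c⚠️ 未执行任何测试', 'color: orange; font-weight: bold');
        break;
      default:
        console.log('%c❌ WAF防护不足,存在高危漏洞', 'color: red; font-weight: bold');
    }
  }

  /**
   * Send one probe and classify the result.
   * @param {string} origin - Base origin; the payload is resolved against it.
   * @param {{name: string, payload: string}} test
   * @param {number} timeoutMs - Abort the request after this many milliseconds.
   * @returns {Promise<'blocked'|'passed'|'undetermined'>}
   */
  async function probe(origin, test, timeoutMs) {
    // `new URL('?x=1', origin)` resolves to `<origin>/?x=1`, same as the old
    // string concatenation once the browser normalises it.
    const url = new URL(test.payload, origin);
    try {
      const response = await fetch(url, {
        method: 'GET',
        // Never answer a probe from the HTTP cache.
        cache: 'no-store',
        // AbortSignal.timeout needs a recent browser (2022+).
        signal: AbortSignal.timeout(timeoutMs),
        headers: { 'X-Test': 'WAF-Check' },
      });
      const { status } = response;
      if (isBlockedStatus(status)) {
        console.log(`%c✅ 已拦截 | ${test.name} | 状态码:${status}`, 'color: green');
        return 'blocked';
      }
      console.log(`%c❌ 未拦截 | ${test.name} | 状态码:${status}`, 'color: red');
      return 'passed';
    } catch (e) {
      // TimeoutError / TypeError (network failure). May be the WAF dropping
      // the connection, so it is reported separately rather than as "passed".
      console.log(`%c⚠️ 超时/异常 | ${test.name} | ${e?.name ?? e}`, 'color: gray');
      return 'undetermined';
    }
  }

  /**
   * Run all probes sequentially against the current origin and print a summary.
   * @param {object} [options]
   * @param {ReadonlyArray<{name: string, payload: string}>} [options.cases=DEFAULT_CASES]
   * @param {number} [options.delayMs=600] - Pause between probes (avoids self-inflicted 429s).
   * @param {number} [options.timeoutMs=3000] - Per-request timeout.
   * @returns {Promise<ReturnType<typeof summarize>>}
   */
  async function run({ cases = DEFAULT_CASES, delayMs = 600, timeoutMs = 3000 } = {}) {
    console.log('%c=== WAF防护测试开始 ===', 'color: red; font-size: 16px; font-weight: bold');
    console.log('%c注意:测试仅用于验证自身防护,请勿攻击他人网站', 'color: orange');

    const origin = globalThis.location.origin;
    const outcomes = [];
    for (const [i, test] of cases.entries()) {
      outcomes.push(await probe(origin, test, timeoutMs));
      if (i < cases.length - 1) {
        await new Promise((resolve) => setTimeout(resolve, delayMs));
      }
    }

    const summary = summarize(outcomes);
    printSummary(summary);
    return summary;
  }

  // Handle for re-running or unit-testing the pieces from the console.
  globalThis.wafCheck = { run, isBlockedStatus, summarize, DEFAULT_CASES };

  // Auto-start only where there is a page origin to probe (i.e. in a browser).
  if (typeof globalThis.location?.origin === 'string') {
    void run().catch((e) => console.error('WAF test failed:', e)); // fire-and-forget; errors logged
  }
})();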