#!/usr/bin/env python
'''
Copyright (C) 2020, WAFW00F Developers.
See the LICENSE file for copying permission.
'''

NAME = 'Sitelock (TrueShield)'

# Well this is confusing, Sitelock itself uses Incapsula from Imperva
# So the fingerprints obtained on blockpage are similar to those of Incapsula.

def is_waf(self):
    # 定义用于检测是否存在特定 Web 应用防火墙（WAF）的方案列表。
    schemes = [
        # 检查响应内容中是否包含'SiteLock will remember you'。
        self.matchContent(r"SiteLock will remember you"),
        # 检查响应内容中是否包含'Sitelock is leader in Business Website Security Services'。
        self.matchContent(r"Sitelock is leader in Business Website Security Services"),
        # 检查响应内容中是否包含'sitelock[_-]shield([_-]logo|[_-]badge)?'，用于匹配带有不同可能后缀的特定字符串。
        self.matchContent(r"sitelock[_\-]shield([_\-]logo|[\-_]badge)?"),
        # 检查响应内容中是否包含'SiteLock incident ID'。
        self.matchContent(r'SiteLock incident ID')
    ]
    # 如果方案列表中的任何一个条件为真，则认为检测到了 WAF。
    if any(i for i in schemes):
        return True
    else:
        return False