[Suggestion] Custom rule matching targets add Attack Type

[hz157]

What would you like to be added or improved?

自定义规则匹配目标增加根据攻击类型匹配，可针对单一攻击类型放行，其他条件组合使用。

Why is it needed?

在线编辑html代码过程中payload可能存在<img src="url"/>等之类的标签，命中XSS特征waf会进行拦截，白名单可针对接口地址及host放行，但这是全类型放行，是否可以增加针对单一攻击类型选择，放行某一攻击类型的请求？

[safe1ine]

disable the xss module?

[hz157]

disable the xss module?

but i just want to disable one of the path of a web site. Disable the xss module seems to be global?