External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-17 18:05:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Adding stricter check on offline templates list (#2213)

Browse Source
This commit is contained in:
Mzack9999 2022-07-11 19:08:07 +02:00 committed by GitHub
parent 5b3c2861c2
commit 3c945f6ae9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
v2/pkg/templates/compile.go
View File

@ -3,7 +3,6 @@ package templates
import (
"fmt"
"reflect"
"strings"
"github.com/pkg/errors"
"gopkg.in/yaml.v2"
@ -14,6 +13,7 @@ import (
"github.com/projectdiscovery/nuclei/v2/pkg/protocols/offlinehttp"
"github.com/projectdiscovery/nuclei/v2/pkg/templates/cache"
"github.com/projectdiscovery/nuclei/v2/pkg/utils"
"github.com/projectdiscovery/stringsutil"
)
var (
@ -203,8 +203,13 @@ func (template *Template) compileOfflineHTTPRequest(options protocols.ExecuterOp
mainLoop:
for _, req := range template.RequestsHTTP {
hasPaths := len(req.Path) > 0
if !hasPaths {
break mainLoop
}
for _, path := range req.Path {
if !(strings.EqualFold(path, "{{BaseURL}}") || strings.EqualFold(path, "{{BaseURL}}/")) {
pathIsBaseURL := stringsutil.EqualFoldAny(path, "{{BaseURL}}", "{{BaseURL}}/", "/")
if !pathIsBaseURL {
break mainLoop
}
}