Added response truncation support with flags (#2688)

* Added response truncation support with flags * Fixed failing tests for no size
2025-12-17 18:15:28 +00:00 · 2022-10-07 20:10:00 +05:30 · 2022-10-07 20:10:00 +05:30 · 9944f5e94e
commit 9944f5e94e
parent 3ebd1f689b
4 changed files with 17 additions and 1 deletions
--- a/v2/cmd/nuclei/main.go
+++ b/v2/cmd/nuclei/main.go
@ -194,6 +194,8 @@ on extensive configurability, massive extensibility and ease of use.`)
 		flagSet.StringVarP(&options.Interface, "interface", "i", "", "network interface to use for network scan"),
 		flagSet.StringVarP(&options.SourceIP, "source-ip", "sip", "", "source ip address to use for network scan"),
 		flagSet.StringVar(&options.CustomConfigDir, "config-directory", "", "Override the default config path ($home/.config)"),
+		flagSet.IntVarP(&options.ResponseReadSize, "response-size-read", "rsr", 10*1024*1024, "max response size to read in bytes"),
+		flagSet.IntVarP(&options.ResponseSaveSize, "response-size-save", "rss", 1*1024*1024, "max response size to read in bytes"),
 	)

 	flagSet.CreateGroup("interactsh", "interactsh",
--- a/v2/pkg/protocols/http/operators.go
+++ b/v2/pkg/protocols/http/operators.go
@ -158,8 +158,16 @@ func (request *Request) MakeResultEventItem(wrapped *output.InternalWrappedEvent
 		MatcherStatus:    true,
 		IP:               types.ToString(wrapped.InternalEvent["ip"]),
 		Request:          types.ToString(wrapped.InternalEvent["request"]),
-		Response:         types.ToString(wrapped.InternalEvent["response"]),
+		Response:         request.truncateResponse(wrapped.InternalEvent["response"]),
 		CURLCommand:      types.ToString(wrapped.InternalEvent["curl-command"]),
 	}
 	return data
 }
+
+func (request *Request) truncateResponse(response interface{}) string {
+	responseString := types.ToString(response)
+	if len(responseString) > request.options.Options.ResponseSaveSize {
+		return responseString[:request.options.Options.ResponseSaveSize]
+	}
+	return responseString
+}
--- a/v2/pkg/protocols/http/request.go
+++ b/v2/pkg/protocols/http/request.go
@ -538,6 +538,8 @@ func (request *Request) executeRequest(input *contextargs.Context, generatedRequ
 		var bodyReader io.Reader
 		if request.MaxSize != 0 {
 			bodyReader = io.LimitReader(resp.Body, int64(request.MaxSize))
+		} else if request.options.Options.ResponseReadSize != 0 {
+			bodyReader = io.LimitReader(resp.Body, int64(request.options.Options.ResponseReadSize))
 		} else {
 			bodyReader = resp.Body
 		}
--- a/v2/pkg/types/types.go
+++ b/v2/pkg/types/types.go
@ -244,6 +244,10 @@ type Options struct {
 	Interface string
 	// SourceIP sets custom source IP address for network requests
 	SourceIP string
+	// ResponseReadSize is the maximum size of response to read
+	ResponseReadSize int
+	// ResponseSaveSize is the maximum size of response to save
+	ResponseSaveSize int
 	// Health Check
 	HealthCheck bool
 	// Time to wait between each input read operation before closing the stream