External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-18 17:05:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixed some edge cases with status codes in redirect chains

Browse Source
This commit is contained in:
Ice3man543 2021-11-09 17:55:42 +05:30
parent a9f586369a
commit 9b364080ea
4 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
integration_tests/http/get-redirects-chain-headers.yaml
View File

@ -11,8 +11,13 @@ requests:
- "{{BaseURL}}" - "{{BaseURL}}"
redirects: true redirects: true
max-redirects: 3 max-redirects: 3
matchers-condition: and
matchers: matchers:
- type: word - type: word
part: header part: header
words: words:
- "TestRedirectHeaderMatch" - "TestRedirectHeaderMatch"
- type: status
status:
- 302

2
v2/cmd/integration-test/integration-test.go
View File

@ -51,5 +51,5 @@ func main() {
} }
func errIncorrectResultsCount(results []string) error { func errIncorrectResultsCount(results []string) error {
return fmt.Errorf("incorrect number of results %s", strings.Join(results, "\n\t")) return fmt.Errorf("incorrect number of results \n\t%s", strings.Join(results, "\n\t"))
} }

2
v2/pkg/protocols/http/request.go
View File

@ -445,7 +445,7 @@ func (request *Request) executeRequest(reqURL string, generatedRequest *generate
} }
finalEvent := make(output.InternalEvent) finalEvent := make(output.InternalEvent)
outputEvent := request.responseToDSLMap(resp, reqURL, matchedURL, tostring.UnsafeToString(dumpedRequest), tostring.UnsafeToString(response.fullResponse), tostring.UnsafeToString(response.body), tostring.UnsafeToString(response.headers), duration, generatedRequest.meta) outputEvent := request.responseToDSLMap(response.resp, reqURL, matchedURL, tostring.UnsafeToString(dumpedRequest), tostring.UnsafeToString(response.fullResponse), tostring.UnsafeToString(response.body), tostring.UnsafeToString(response.headers), duration, generatedRequest.meta)
if i := strings.LastIndex(hostname, ":"); i != -1 { if i := strings.LastIndex(hostname, ":"); i != -1 {
hostname = hostname[:i] hostname = hostname[:i]
} }

3
v2/pkg/protocols/http/utils.go
View File

@ -22,6 +22,7 @@ type redirectedResponse struct {
headers []byte headers []byte
body []byte body []byte
fullResponse []byte fullResponse []byte
resp *http.Response
} }
// dumpResponseWithRedirectChain dumps a http response with the // dumpResponseWithRedirectChain dumps a http response with the
@ -41,6 +42,7 @@ func dumpResponseWithRedirectChain(resp *http.Response, body []byte) ([]redirect
respObj := redirectedResponse{ respObj := redirectedResponse{
headers: respData, headers: respData,
body: body, body: body,
resp: resp,
fullResponse: bytes.Join([][]byte{respData, body}, []byte{}), fullResponse: bytes.Join([][]byte{respData, body}, []byte{}),
} }
if err := normalizeResponseBody(resp, &respObj); err != nil { if err := normalizeResponseBody(resp, &respObj); err != nil {
@ -65,6 +67,7 @@ func dumpResponseWithRedirectChain(resp *http.Response, body []byte) ([]redirect
respObj := redirectedResponse{ respObj := redirectedResponse{
headers: respData, headers: respData,
body: body, body: body,
resp: redirectResp,
fullResponse: bytes.Join([][]byte{respData, body}, []byte{}), fullResponse: bytes.Join([][]byte{respData, body}, []byte{}),
} }
if err := normalizeResponseBody(redirectResp, &respObj); err != nil { if err := normalizeResponseBody(redirectResp, &respObj); err != nil {