External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-17 20:25:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

use stringsutil.HasPrefixAnyI

Browse Source
This commit is contained in:
Doğan Can Bakır 2023-08-28 08:15:30 +00:00
parent 494dacc671
commit d720d4ec8d
1 changed files with 1 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
v2/pkg/protocols/common/protocolstate/headless.go
View File

@ -31,7 +31,7 @@ func ValidateNFailRequest(page *rod.Page, e *proto.FetchRequestPaused) error {
}
// validate potential invalid schemes
// javascript protocol is allowed for xss fuzzing
if HasPrefixAnyI(normalized, "ftp:", "externalfile:", "chrome:", "chrome-extension:") {
if stringsutil.HasPrefixAnyI(normalized, "ftp:", "externalfile:", "chrome:", "chrome-extension:") {
return multierr.Combine(FailWithReason(page, e), ErrURLDenied.Msgf(reqURL, "protocol blocked by network policy"))
}
if !isValidHost(reqURL) {
@ -77,14 +77,3 @@ func isValidHost(targetUrl string) bool {
_, ok := networkPolicy.ValidateHost(targetUrl)
return ok
}
// HasPrefixAnyI checks if the string has any of the prefixes
// TODO: replace with stringsutil.HasPrefixAnyI after implementation
func HasPrefixAnyI(s string, prefixes ...string) bool {
for _, prefix := range prefixes {
if stringsutil.HasPrefixI(s, prefix) {
return true
}
}
return false
}