-
-
Notifications
You must be signed in to change notification settings - Fork 498
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] Mishandling of whitespace for supplied request headers #1122
Labels
bug
Something isn't working
Comments
howdy and thanks for submitting! is it only the host header? |
Yea, I jumped the gun asking. It's an easy fix, I'm just trying to set it up to handle this case specifically and still allow for intentional leading whitespace |
17 tasks
@all-contributors add @soutzis for bug |
I've put up a pull request to add @soutzis! 🎉 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
When manually supplying headers (
-H
option) for a scan, feroxbuster does not gracefully handle whitespace and will add one (1) additional whitespace character after theHost:
prefix.To Reproduce
Start a scan while supplying the host header with the
-H
flag. You can capture the request with your proxy server and observe that there will always be n+1 whitespace characters, where n is the amount of whitespace characters supplied by the user.Expected behavior
Ideally, the excess whitespace should be stripped. When no whitespace is provided, the tool correctly adds a whitespace character and that functionality should be preserved.
Traceback / Error Output
The above command shows that 1 space is added after the
Host
HTTP header, as is normally expected.The screenshot shows (highlighted in red) that an additional whitespace character is added.
Environment (please complete the following information):
The text was updated successfully, but these errors were encountered: