bug fix (thanks to zhen zhou)

2025-03-14 15:14:31 +03:00 · 2011-11-10 10:22:35 +00:00 · 2011-11-10 10:22:35 +00:00 · 62f8f8d36c
commit 62f8f8d36c
parent 81ca6f00f0
1 changed files with 4 additions and 3 deletions
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -539,13 +539,14 @@ class Connect:
            value = urlEncodeCookieValues(value)

        elif place:
-            if place in (PLACE.GET, PLACE.POST):
+            if place in (PLACE.GET, PLACE.POST, PLACE.URI):
                # payloads in GET and/or POST need to be urlencoded 
                # throughly without safe chars (especially & and =)
                # addendum: as we support url encoding in tampering
                # functions therefore we need to use % as a safe char
-                payload = urlencode(payload, "%", False, True)
-                value = agent.replacePayload(value, payload)
+                if place != PLACE.URI or ('?' in value and value.find('?') < value.find(payload)):
+                    payload = urlencode(payload, "%", False, True)
+                    value = agent.replacePayload(value, payload)
            elif place == PLACE.SOAP:
                # payloads in SOAP should have chars > and < replaced
                # with their HTML encoded counterparts