sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2025-03-23 19:34:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

bug fix (thanks to zhen zhou)

Browse Source
This commit is contained in:
Miroslav Stampar 2011-11-10 10:22:35 +00:00
parent 81ca6f00f0
commit 62f8f8d36c
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lib/request/connect.py
View File

@ -539,13 +539,14 @@ class Connect:
value = urlEncodeCookieValues(value) value = urlEncodeCookieValues(value)
elif place: elif place:
if place in (PLACE.GET, PLACE.POST): if place in (PLACE.GET, PLACE.POST, PLACE.URI):
# payloads in GET and/or POST need to be urlencoded # payloads in GET and/or POST need to be urlencoded
# throughly without safe chars (especially & and =) # throughly without safe chars (especially & and =)
# addendum: as we support url encoding in tampering # addendum: as we support url encoding in tampering
# functions therefore we need to use % as a safe char # functions therefore we need to use % as a safe char
payload = urlencode(payload, "%", False, True) if place != PLACE.URI or ('?' in value and value.find('?') < value.find(payload)):
value = agent.replacePayload(value, payload) payload = urlencode(payload, "%", False, True)
value = agent.replacePayload(value, payload)
elif place == PLACE.SOAP: elif place == PLACE.SOAP:
# payloads in SOAP should have chars > and < replaced # payloads in SOAP should have chars > and < replaced
# with their HTML encoded counterparts # with their HTML encoded counterparts