Patch for an Issue #1578

2025-01-23 15:54:24 +03:00 · 2015-12-03 01:43:37 +01:00 · 2015-12-03 01:43:37 +01:00 · 6397704456
commit 6397704456
parent 80d3ff6706
2 changed files with 10 additions and 1 deletions
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -1376,7 +1376,7 @@ def _setHTTPExtraHeaders():
                errMsg = "invalid header value: %s. Valid header format is 'name:value'" % repr(headerValue).lstrip('u')
                raise SqlmapSyntaxException(errMsg)

-    elif not conf.httpHeaders or len(conf.httpHeaders) == 1:
+    elif not conf.requestFile and len(conf.httpHeaders or []) < 2:
        conf.httpHeaders.append((HTTP_HEADER.ACCEPT_LANGUAGE, "en-us,en;q=0.5"))
        if not conf.charset:
            conf.httpHeaders.append((HTTP_HEADER.ACCEPT_CHARSET, "ISO-8859-15,utf-8;q=0.7,*;q=0.7"))
--- a/lib/request/connect.py
+++ b/lib/request/connect.py
@ -343,6 +343,9 @@ class Connect(object):
            # Prepare HTTP headers
            headers = forgeHeaders({HTTP_HEADER.COOKIE: cookie, HTTP_HEADER.USER_AGENT: ua, HTTP_HEADER.REFERER: referer, HTTP_HEADER.HOST: host})

+            if HTTP_HEADER.COOKIE in headers:
+                cookie = headers[HTTP_HEADER.COOKIE]
+
            if kb.authHeader:
                headers[HTTP_HEADER.AUTHORIZATION] = kb.authHeader

@ -370,6 +373,12 @@ class Connect(object):
                if boundary:
                    headers[HTTP_HEADER.CONTENT_TYPE] = "%s; boundary=%s" % (headers[HTTP_HEADER.CONTENT_TYPE], boundary)

+            # Reset header values to original in case of provided request file
+            if target and conf.requestFile:
+                headers = OrderedDict(conf.httpHeaders)
+                if cookie:
+                    headers[HTTP_HEADER.COOKIE] = cookie
+
            if auxHeaders:
                for key, value in auxHeaders.items():
                    for _ in headers.keys():