Patch for an Issue #564

2024-11-22 17:46:37 +03:00 · 2013-12-27 11:02:59 +01:00 · 2013-12-27 11:02:59 +01:00 · 6c80f2903b
commit 6c80f2903b
parent 178056968f
2 changed files with 4 additions and 1 deletions
--- a/lib/controller/checks.py
+++ b/lib/controller/checks.py
@ -322,7 +322,7 @@ def checkSqlInjection(place, parameter, value):

                    # Threat the parameter original value according to the
                    # test's <where> tag
-                    if where == PAYLOAD.WHERE.ORIGINAL:
+                    if where == PAYLOAD.WHERE.ORIGINAL or conf.prefix:
                        origValue = value
                    elif where == PAYLOAD.WHERE.NEGATIVE:
                        # Use different page template than the original
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@ -108,6 +108,9 @@ class Agent(object):
            origValue = origValue.split(CUSTOM_INJECTION_MARK_CHAR)[0]
            origValue = origValue[origValue.index(',') + 1:]

+        if conf.prefix:
+            value = origValue
+
        if value is None:
            if where == PAYLOAD.WHERE.ORIGINAL:
                value = origValue