From 8bd0080bf4452d613c7b81e110d1789b4912bc64 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Mon, 10 Dec 2012 13:05:41 +0100 Subject: [PATCH] Minor update for an Issue #267 --- lib/request/connect.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/request/connect.py b/lib/request/connect.py index 3d80a4f96..1b30ead16 100644 --- a/lib/request/connect.py +++ b/lib/request/connect.py @@ -628,8 +628,9 @@ class Connect(object): if place in (PLACE.GET, PLACE.POST): _ = re.escape(PAYLOAD_DELIMITER) match = re.search("(?P\w+)=%s(?P.+?)%s" % (_, _), value) - payload = match.group("value") if match: + payload = match.group("value") + for splitter in (urlencode(' '), ' '): if splitter in payload: prefix, suffix = ("*/", "/*") if splitter == ' ' else (urlencode(_) for _ in ("*/", "/*")) @@ -640,9 +641,10 @@ class Connect(object): parts[i] = "%s%s=%s%s%s" % (DEFAULT_GET_POST_DELIMITER, match.group("name"), prefix, parts[i], suffix) payload = "".join(parts) break + for splitter in (urlencode(','), ','): payload = payload.replace(splitter, "%s%s=" % (DEFAULT_GET_POST_DELIMITER, match.group("name"))) - if payload: + value = agent.replacePayload(value, payload) else: warnMsg = "HTTP parameter pollution works only with regular "