further update regarding last commit

2024-11-22 17:46:37 +03:00 · 2011-03-03 10:39:04 +00:00 · 2011-03-03 10:39:04 +00:00 · 8edc3b3302
commit 8edc3b3302
parent bc50387a17
3 changed files with 14 additions and 7 deletions
--- a/lib/controller/controller.py
+++ b/lib/controller/controller.py
@ -27,6 +27,8 @@ from lib.core.common import paramToDict
 from lib.core.common import parseTargetUrl
 from lib.core.common import readInput
 from lib.core.common import showHttpErrorCodes
+from lib.core.convert import urlencode
+from lib.core.convert import urldecode
 from lib.core.data import conf
 from lib.core.data import kb
 from lib.core.data import logger
@ -205,7 +207,7 @@ def start():
                    message += "\nCookie: %s" % conf.cookie

                if conf.data:
-                    message += "\nPOST data: %s" % repr(conf.data) if conf.data else ""
+                    message += "\nPOST data: %s" % urlencode(conf.data) if conf.data else ""

                if conf.forms:
                    if conf.method == HTTPMETHOD.GET and targetUrl.find("?") == -1:
@ -216,8 +218,8 @@ def start():

                    if not test or test[0] in ("y", "Y"):
                        if conf.method == HTTPMETHOD.POST:
-                            message = "Edit POST data [default: %s]: " % (conf.data if conf.data else "")
-                            conf.data = readInput(message, default=conf.data)
+                            message = "Edit POST data [default: %s]%s: " % (urlencode(conf.data) if conf.data else "", " (Warning: blank fields detected)" if conf.data and '=&' in conf.data else "")
+                            conf.data = urldecode(readInput(message, default=conf.data))

                        elif conf.method == HTTPMETHOD.GET:
                            if conf.url.find("?") > -1:
--- a/lib/core/convert.py
+++ b/lib/core/convert.py
@ -19,6 +19,7 @@ import struct
 import urllib

 from lib.core.data import conf
+from lib.core.settings import UNICODE_ENCODING

 def base64decode(value):
    return value.decode("base64")
@ -62,17 +63,21 @@ def sha1hash(value):
    else:
        return sha.new(value).hexdigest()

-def urldecode(value):
+def urldecode(value, encoding=None):
    result = None

    if value:
        try:
            # for cases like T%C3%BCrk%C3%A7e
            value = str(value)
-            result = utf8decode(urllib.unquote_plus(value))
        except ValueError:
+            pass
+        finally:
            result = urllib.unquote_plus(value)

+    if isinstance(result, str):
+        result = unicode(result, encoding or UNICODE_ENCODING, errors="replace")
+
    return result

 def urlencode(value, safe=":/?%&=", convall=False):
--- a/lib/core/option.py
+++ b/lib/core/option.py
@ -446,9 +446,9 @@ def __findPageForms():
    if forms:
        for form in forms:
            request = form.click()
-            url = urldecode(request.get_full_url())
+            url = urldecode(request.get_full_url(), kb.pageEncoding)
            method = request.get_method()
-            data = urldecode(getUnicode(request.get_data(), kb.pageEncoding)) if request.has_data() else None
+            data = urldecode(request.get_data(), kb.pageEncoding) if request.has_data() else None
            target = (url, method, data, conf.cookie)
            kb.targetUrls.add(target)
            kb.formNames.append(target)