From bbbcc95fe56b177e974f1495dcf579cddcab9b87 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Fri, 13 Apr 2012 10:19:26 +0000 Subject: [PATCH] use it only if page is stable --- lib/controller/checks.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/controller/checks.py b/lib/controller/checks.py index 37a3c1c1d..517f63d75 100644 --- a/lib/controller/checks.py +++ b/lib/controller/checks.py @@ -346,7 +346,7 @@ def checkSqlInjection(place, parameter, value): injectable = True - if not injectable and not conf.string: + if not injectable and not conf.string and kb.pageStable: trueSet = set(extractTextTagContent(truePage)) falseSet = set(extractTextTagContent(falsePage)) candidate = reduce(lambda x, y: x or (y.strip() if y.strip() in (kb.pageTemplate or "") and y.strip() not in falsePage else None), (trueSet - falseSet), None)