fix for user-agent injections

2025-02-03 13:14:13 +03:00 · 2011-01-23 23:23:30 +00:00 · 2011-01-23 23:23:30 +00:00 · c1145c244e
commit c1145c244e
parent 818c9787b2
1 changed files with 3 additions and 1 deletions
--- a/lib/core/agent.py
+++ b/lib/core/agent.py
@ -104,8 +104,10 @@ class Agent:
                child.text = self.addPayloadDelimiters(newValue)

            retValue = ET.tostring(root)
-        elif place in (PLACE.UA, PLACE.URI):
+        elif place == PLACE.URI:
            retValue = paramString.replace("%s*" % origValue, self.addPayloadDelimiters(newValue))
+        elif place == PLACE.UA:
+            retValue = paramString.replace(origValue, self.addPayloadDelimiters(newValue))
        else:
            retValue = paramString.replace("%s=%s" % (parameter, origValue),
                                           "%s=%s" % (parameter, self.addPayloadDelimiters(newValue)))