fix for redirect/HOST header bug

doc/THANKS

@@ -648,6 +648,9 @@ Phil P <@superevr>
 ragos <ragos@joker.ms>
     for reporting a minor bug
 
+rmillet <rmillet42@gmail.com>
+    for reporting a bug
+
 shiftzwei <shiftzwei@gmail.com>
     for reporting a couple of bugs
 

lib/core/common.py

@@ -3128,3 +3128,11 @@ def findPageForms(content, url, raise_=False, addToTargets=False):
             kb.targetUrls.add(target)
 
     return retVal
+
+def getHostHeader(url):
+    retVal = urlparse.urlparse(url).netloc
+
+    if any(map(lambda x: retVal.endswith(':%d' % x), [80, 443])):
+        retVal = retVal.split(':')[0]
+
+    return retVal

lib/request/connect.py

@@ -25,6 +25,7 @@ from lib.core.common import cpuThrottle
 from lib.core.common import extractRegexResult
 from lib.core.common import getCurrentThreadData
 from lib.core.common import getFilteredPageContent
+from lib.core.common import getHostHeader
 from lib.core.common import getUnicode
 from lib.core.common import logHTTPTraffic
 from lib.core.common import parseTargetUrl
@@ -234,10 +235,7 @@ class Connect:
 
             headers[HTTPHEADER.ACCEPT] = HTTP_ACCEPT_HEADER_VALUE
 
-            headers[HTTPHEADER.HOST] = urlparse.urlparse(url).netloc
+            headers[HTTPHEADER.HOST] = getHostHeader(url)
-
-            if any(map(lambda x: headers[HTTPHEADER.HOST].endswith(':%d' % x), [80, 443])):
-                headers[HTTPHEADER.HOST] = headers[HTTPHEADER.HOST].split(':')[0]
 
             if auxHeaders:
                 for key, item in auxHeaders.items():

lib/request/redirecthandler.py

@@ -12,6 +12,7 @@ import urlparse
 
 from lib.core.data import conf
 from lib.core.data import logger
+from lib.core.common import getHostHeader
 from lib.core.common import getUnicode
 from lib.core.common import logHTTPTraffic
 from lib.core.enums import HTTPHEADER
@@ -28,6 +29,16 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
     # assuming we're in a loop
     max_redirections = 10
 
+    def _get_header_redirect(self, headers):
+        retVal = None
+
+        if "location" in headers:
+            retVal = headers.getheaders("location")[0].split("?")[0]
+        elif "uri" in headers:
+            retVal = headers.getheaders("uri")[0].split("?")[0]
+
+        return retVal
+
     def common_http_redirect(self, result, headers, code, content, msg):
         content = decodePage(content, headers.get(HTTPHEADER.CONTENT_ENCODING), headers.get(HTTPHEADER.CONTENT_TYPE))
 
@@ -49,10 +60,8 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
         logger.log(7, responseMsg)
 
         if result:
-            if "location" in headers:
+            if self._get_header_redirect(headers):
-                result.redurl = headers.getheaders("location")[0].split("?")[0]
+                result.redurl = self._get_header_redirect(headers)
-            elif "uri" in headers:
-                result.redurl = headers.getheaders("uri")[0].split("?")[0]
 
             if hasattr(result, 'redurl'):
                 if not urlparse.urlsplit(result.redurl).netloc:
@@ -76,6 +85,9 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
             dbgMsg += "redirect response content (%s)" % msg
             logger.debug(dbgMsg)
 
+        if self._get_header_redirect(headers):
+            req.headers[HTTPHEADER.HOST] = getHostHeader(self._get_header_redirect(headers))
+
         result = urllib2.HTTPRedirectHandler.http_error_301(self, req, fp, code, msg, headers)
         return self.common_http_redirect(result, headers, code, content, msg)
 
@@ -90,6 +102,9 @@ class SmartRedirectHandler(urllib2.HTTPRedirectHandler):
             dbgMsg += "redirect response content (%s)" % msg
             logger.debug(dbgMsg)
 
+        if self._get_header_redirect(headers):
+            req.headers[HTTPHEADER.HOST] = getHostHeader(self._get_header_redirect(headers))
+
         result = urllib2.HTTPRedirectHandler.http_error_302(self, req, fp, code, msg, headers)
         return self.common_http_redirect(result, headers, code, content, msg)