From f5c422efb43ff4039b5763d8113356e58d5f25de Mon Sep 17 00:00:00 2001
From: Miroslav Stampar
Date: Fri, 15 Jan 2010 11:44:05 +0000
Subject: [PATCH] updated and renamed sanitizeCookie to urlEncodeCookieValues because of it's different nature than before
---
 lib/core/common.py | 15 ++++++++-------
 lib/request/basic.py | 4 ++--
 2 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/lib/core/common.py b/lib/core/common.py
index 6639cef9a..672ecde92 100644
--- a/lib/core/common.py
+++ b/lib/core/common.py
@@ -39,6 +39,7 @@ from lib.core.data import logger
 from lib.core.data import paths
 from lib.core.data import queries
 from lib.core.data import temp
+from lib.core.convert import urlencode
 from lib.core.exception import sqlmapFilePathException
 from lib.core.settings import IS_WIN
 from lib.core.settings import SQL_STATEMENTS
@@ -810,7 +811,7 @@ def searchEnvPath(fileName):
 return result
-def sanitizeCookie(cookieStr, warn=False):
+def urlEncodeCookieValues(cookieStr, warn=False):
 if cookieStr:
 result = ""
 changed = False
@@ -818,16 +819,16 @@ def sanitizeCookie(cookieStr, warn=False):
 index = part.find('=') + 1
 if index > 0:
 name = part[:index - 1].strip()
- value = part[index:].replace(",","%2C").replace(";","%3B").replace(" ","%20")
+ value = urlencode(part[index:], convall=True)
 if value != part[index:]:
 changed = True
- result += ";%s=%s" % (name, value)
+ result += "; %s=%s" % (name, value)
 elif part.strip().lower() != "secure":
- result += "%s%s" % ("%3B", part.replace(",","%2C").replace(";","%3B").replace(" ","%20"))
+ result += "%s%s" % ("%3B", urlencode(part, convall=True))
 else:
- result += ";secure"
- if result.startswith(';'):
- result = result[1:]
+ result += "; secure"
+ if result.startswith('; '):
+ result = result[2:]
 elif result.startswith('%3B'):
 result = result[3:]
 if changed and warn:
diff --git a/lib/request/basic.py b/lib/request/basic.py
index 01cf726ea..15138977f 100644
--- a/lib/request/basic.py
+++ b/lib/request/basic.py
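Review bot: In the `@@ -818,16 +819,16 @@` hunk of lib/core/common.py, the `elif part.strip().lower() != "secure":` branch rewrites the part (URL-encodes it and joins it with `%3B`) without setting `changed`, so the `if changed and warn:` check below it can stay silent even though the cookie was altered; adding `changed = True` in that branch would close the gap. The value branch now sends `part[index:]` through `urlencode(..., convall=True)`; `urlencode` comes from lib.core.convert and its body is not in this patch, but if it also escapes `%`, a value that is already percent-encoded would be encoded a second time and the server would see a different cookie, so a short comment stating the expected input form would help. The renamed function has no docstring; something like `"""URL-encode the value of every name=value pair in cookieStr; names and the secure flag are left as they are."""` would explain the new name. The loop header and the end of the function are outside the hunk.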
@@ -29,7 +29,7 @@ import StringIO
 import zlib
 from lib.core.common import directoryPath
-from lib.core.common import sanitizeCookie
+from lib.core.common import urlEncodeCookieValues
 from lib.core.data import conf
 from lib.core.data import kb
 from lib.parse.headers import headersParser
@@ -46,7 +46,7 @@ def forgeHeaders(cookie, ua):
 for header, value in conf.httpHeaders:
 if cookie and header == "Cookie":
 if conf.cookieUrlencode:
- cookie = sanitizeCookie(cookie)
+ cookie = urlEncodeCookieValues(cookie)
 headers[header] = cookie
 elif ua and header == "User-Agent":