sqlmapproject/sqlmap
1
1
Fork 0
mirror of https://github.com/sqlmapproject/sqlmap.git synced 2024-11-22 17:46:37 +03:00
Code Issues Packages Projects Releases Wiki Activity

updated and renamed sanitizeCookie to urlEncodeCookieValues because of it's different nature than before

Browse Source
This commit is contained in:
Miroslav Stampar 2010-01-15 11:44:05 +00:00
parent 505647b00f
commit f5c422efb4
2 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
lib/core/common.py
View File

@ -39,6 +39,7 @@ from lib.core.data import logger
from lib.core.data import paths from lib.core.data import paths
from lib.core.data import queries from lib.core.data import queries
from lib.core.data import temp from lib.core.data import temp
from lib.core.convert import urlencode
from lib.core.exception import sqlmapFilePathException from lib.core.exception import sqlmapFilePathException
from lib.core.settings import IS_WIN from lib.core.settings import IS_WIN
from lib.core.settings import SQL_STATEMENTS from lib.core.settings import SQL_STATEMENTS
@ -810,7 +811,7 @@ def searchEnvPath(fileName):
return result return result
def sanitizeCookie(cookieStr, warn=False): def urlEncodeCookieValues(cookieStr, warn=False):
if cookieStr: if cookieStr:
result = "" result = ""
changed = False changed = False
@ -818,16 +819,16 @@ def sanitizeCookie(cookieStr, warn=False):
index = part.find('=') + 1 index = part.find('=') + 1
if index > 0: if index > 0:
name = part[:index - 1].strip() name = part[:index - 1].strip()
value = part[index:].replace(",","%2C").replace(";","%3B").replace(" ","%20") value = urlencode(part[index:], convall=True)
if value != part[index:]: if value != part[index:]:
changed = True changed = True
result += ";%s=%s" % (name, value) result += "; %s=%s" % (name, value)
elif part.strip().lower() != "secure": elif part.strip().lower() != "secure":
result += "%s%s" % ("%3B", part.replace(",","%2C").replace(";","%3B").replace(" ","%20")) result += "%s%s" % ("%3B", urlencode(part, convall=True))
else: else:
result += ";secure" result += "; secure"
if result.startswith(';'): if result.startswith('; '):
result = result[1:] result = result[2:]
elif result.startswith('%3B'): elif result.startswith('%3B'):
result = result[3:] result = result[3:]
if changed and warn: if changed and warn:

4
lib/request/basic.py
View File

@ -29,7 +29,7 @@ import StringIO
import zlib import zlib
from lib.core.common import directoryPath from lib.core.common import directoryPath
from lib.core.common import sanitizeCookie from lib.core.common import urlEncodeCookieValues
from lib.core.data import conf from lib.core.data import conf
from lib.core.data import kb from lib.core.data import kb
from lib.parse.headers import headersParser from lib.parse.headers import headersParser
@ -46,7 +46,7 @@ def forgeHeaders(cookie, ua):
for header, value in conf.httpHeaders: for header, value in conf.httpHeaders:
if cookie and header == "Cookie": if cookie and header == "Cookie":
if conf.cookieUrlencode: if conf.cookieUrlencode:
cookie = sanitizeCookie(cookie) cookie = urlEncodeCookieValues(cookie)
headers[header] = cookie headers[header] = cookie
elif ua and header == "User-Agent": elif ua and header == "User-Agent":