mirror of
https://github.com/sqlmapproject/sqlmap.git
synced 2024-11-22 09:36:35 +03:00
updated and renamed sanitizeCookie to urlEncodeCookieValues because of it's different nature than before
This commit is contained in:
parent
505647b00f
commit
f5c422efb4
|
@ -39,6 +39,7 @@ from lib.core.data import logger
|
||||||
from lib.core.data import paths
|
from lib.core.data import paths
|
||||||
from lib.core.data import queries
|
from lib.core.data import queries
|
||||||
from lib.core.data import temp
|
from lib.core.data import temp
|
||||||
|
from lib.core.convert import urlencode
|
||||||
from lib.core.exception import sqlmapFilePathException
|
from lib.core.exception import sqlmapFilePathException
|
||||||
from lib.core.settings import IS_WIN
|
from lib.core.settings import IS_WIN
|
||||||
from lib.core.settings import SQL_STATEMENTS
|
from lib.core.settings import SQL_STATEMENTS
|
||||||
|
@ -810,7 +811,7 @@ def searchEnvPath(fileName):
|
||||||
|
|
||||||
return result
|
return result
|
||||||
|
|
||||||
def sanitizeCookie(cookieStr, warn=False):
|
def urlEncodeCookieValues(cookieStr, warn=False):
|
||||||
if cookieStr:
|
if cookieStr:
|
||||||
result = ""
|
result = ""
|
||||||
changed = False
|
changed = False
|
||||||
|
@ -818,16 +819,16 @@ def sanitizeCookie(cookieStr, warn=False):
|
||||||
index = part.find('=') + 1
|
index = part.find('=') + 1
|
||||||
if index > 0:
|
if index > 0:
|
||||||
name = part[:index - 1].strip()
|
name = part[:index - 1].strip()
|
||||||
value = part[index:].replace(",","%2C").replace(";","%3B").replace(" ","%20")
|
value = urlencode(part[index:], convall=True)
|
||||||
if value != part[index:]:
|
if value != part[index:]:
|
||||||
changed = True
|
changed = True
|
||||||
result += ";%s=%s" % (name, value)
|
result += "; %s=%s" % (name, value)
|
||||||
elif part.strip().lower() != "secure":
|
elif part.strip().lower() != "secure":
|
||||||
result += "%s%s" % ("%3B", part.replace(",","%2C").replace(";","%3B").replace(" ","%20"))
|
result += "%s%s" % ("%3B", urlencode(part, convall=True))
|
||||||
else:
|
else:
|
||||||
result += ";secure"
|
result += "; secure"
|
||||||
if result.startswith(';'):
|
if result.startswith('; '):
|
||||||
result = result[1:]
|
result = result[2:]
|
||||||
elif result.startswith('%3B'):
|
elif result.startswith('%3B'):
|
||||||
result = result[3:]
|
result = result[3:]
|
||||||
if changed and warn:
|
if changed and warn:
|
||||||
|
|
|
@ -29,7 +29,7 @@ import StringIO
|
||||||
import zlib
|
import zlib
|
||||||
|
|
||||||
from lib.core.common import directoryPath
|
from lib.core.common import directoryPath
|
||||||
from lib.core.common import sanitizeCookie
|
from lib.core.common import urlEncodeCookieValues
|
||||||
from lib.core.data import conf
|
from lib.core.data import conf
|
||||||
from lib.core.data import kb
|
from lib.core.data import kb
|
||||||
from lib.parse.headers import headersParser
|
from lib.parse.headers import headersParser
|
||||||
|
@ -46,7 +46,7 @@ def forgeHeaders(cookie, ua):
|
||||||
for header, value in conf.httpHeaders:
|
for header, value in conf.httpHeaders:
|
||||||
if cookie and header == "Cookie":
|
if cookie and header == "Cookie":
|
||||||
if conf.cookieUrlencode:
|
if conf.cookieUrlencode:
|
||||||
cookie = sanitizeCookie(cookie)
|
cookie = urlEncodeCookieValues(cookie)
|
||||||
|
|
||||||
headers[header] = cookie
|
headers[header] = cookie
|
||||||
elif ua and header == "User-Agent":
|
elif ua and header == "User-Agent":
|
||||||
|
|
Loading…
Reference in New Issue
Block a user