You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Often, we see responses with status code 200 and with the meta tag defining the redirect, if we implement a follow redirect we would increase the number of vulnerabilities found in nuclei. I think we need to override func (c *Client) do(req *Request) (retres *Response, reterr error) and add getMetaRedirect as a fallback method to determine the redirect,
funcgetMetaRedirect(bodystring) (redirect_urlstring, errerror) {
// <meta http-equiv="refresh" content="4; URL='https://google.com/'" />doc, err:=goquery.NewDocumentFromReader(strings.NewReader(body))
iferr!=nil {
return"", err
}
meta:=doc.Find("meta[http-equiv='refresh']")
ifmeta.Length() ==0 {
return"", nil
}
content:=meta.AttrOr("content", "")
ifcontent=="" {
return"", nil
}
parts:=strings.Split(content, ";")
iflen(parts) <2 {
return"", nil
}
// get urlfor_, part:=rangeparts {
// use regex case insensitve to search for url partifstrings.Contains(strings.ToLower(part), "url=") {
// trim url part with regexurl:=part[6 : len(part)-1]
returnurl, nil
}
}
return"", nil
}
Describe the use case of this feature:
Follow meta redirects like burp suite
The text was updated successfully, but these errors were encountered:
Please describe your feature request:
Often, we see responses with status code 200 and with the meta tag defining the redirect, if we implement a follow redirect we would increase the number of vulnerabilities found in nuclei. I think we need to override
func (c *Client) do(req *Request) (retres *Response, reterr error)and add getMetaRedirect as a fallback method to determine the redirect,Describe the use case of this feature:
Follow meta redirects like burp suite
The text was updated successfully, but these errors were encountered: