From 85e1fe8b68e24f9b80d6ad7f87a72945ee2ccf5e Mon Sep 17 00:00:00 2001
From: Vasco Franco <Vasco-jofra@users.noreply.github.com>
Date: Sun, 14 Nov 2021 00:02:28 +0000
Subject: [PATCH] Fix bug in extractHeaders and simplify its logic

`extractHeaders` had an incorrect regex that crashed Corsy with the msg:
"sre_constants.error: nothing to repeat at position 1". This was caused
by `^?`, which is not a valid regex, and can be reproduced with the
README example: `python3 corsy.py -u https://example.com --headers
"User-Agent: GoogleBot\nCookie: SESSION=Hacked"`.
Instead of using the regex this commit simplifies the logic by using a
`split` to split lines and header_name/value pairs.
---
 core/utils.py | 22 +++++++++-------------
 1 file changed, 9 insertions(+), 13 deletions(-)

diff --git a/core/utils.py b/core/utils.py
index ee433c8..0a5b713 100644
--- a/core/utils.py
+++ b/core/utils.py
@@ -64,17 +64,13 @@ def prompt(default=None):
             return tmpfile.read().strip()
 
 
-def extractHeaders(headers):
-    headers = headers.replace('\\n', '\n')
+def extractHeaders(headers: str):
     sorted_headers = {}
-    matches = re.findall(r'^?(.*?):\s(.*?)[\n$]', headers)
-    for match in matches:
-        header = match[0]
-        value = match[1]
-        try:
-            if value[-1] == ',':
-                value = value[:-1]
-            sorted_headers[header] = value
-        except IndexError:
-            pass
-    return sorted_headers
+    for header in headers.split('\\n'):
+        name, value = header.split(":", 1)
+        name = name.strip()
+        value = value.strip()
+        if len(value) >= 1 and value[-1] == ',':
+            value = value[:-1]
+        sorted_headers[name] = value
+    return sorted_headers
\ No newline at end of file