s0md3v/Corsy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixes "origin reflected" check

Browse Source 
Previously there was a missing call to `headers = requester(url, scheme,
header_dict, origin)` in the "origin reflected" check. This meant that
the code was not using the intended origin (`origin = root + '://' +
'example.com'`). Intead, the check incorreclty used the headers from the
first request (with `origin = scheme + '://' + root`). This commit fixes
this problem by making the missing request.
This commit is contained in:
Vasco Franco
2021-11-13 23:53:18 +00:00
parent 06f4d4a06d
commit b5c5c21926
1 changed files with 73 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
core/tests.py
View File

@@ -25,16 +25,18 @@ def passive_tests(url, headers):
def active_tests(url, root, scheme, header_dict, delay):
origin = scheme + '://' + root
headers = requester(url, scheme, header_dict, origin)
if headers:
acao_header, acac_header = headers.get('access-control-allow-origin', None), headers.get('access-control-allow-credentials', None)
if acao_header is None:
return
origin = root + '://' + 'example.com'
headers = requester(url, scheme, header_dict, origin)
acao_header, acac_header = headers.get('access-control-allow-origin', None), headers.get('access-control-allow-credentials', None)
if acao_header and acao_header == (origin):
info = details['origin reflected']
info['acao header'] = acao_header
info['acac header'] = acac_header
return {url : info}
elif not acao_header:
return
time.sleep(delay)
origin = scheme + '://' + root + '.example.com'