@@ -2900,10 +2900,12 @@ def urlencode(value, safe="%&=-_", convall=False, limit=False, spaceplus=False):
29002900
29012901 >>> urlencode('AND 1>(2+3)#')
29022902 'AND%201%3E%282%2B3%29%23'
2903- >>> urlencode(' AND COUNT(SELECT name FROM users WHERE name LIKE \\ '%DBA%\\ ')>0' )
2903+ >>> urlencode(" AND COUNT(SELECT name FROM users WHERE name LIKE '%DBA%')>0" )
29042904 'AND%20COUNT%28SELECT%20name%20FROM%20users%20WHERE%20name%20LIKE%20%27%25DBA%25%27%29%3E0'
2905- >>> urlencode(' AND COUNT(SELECT name FROM users WHERE name LIKE \\ '%_SYSTEM%\\ ')>0' )
2905+ >>> urlencode(" AND COUNT(SELECT name FROM users WHERE name LIKE '%_SYSTEM%')>0" )
29062906 'AND%20COUNT%28SELECT%20name%20FROM%20users%20WHERE%20name%20LIKE%20%27%25_SYSTEM%25%27%29%3E0'
2907+ >>> urlencode("SELECT NAME FROM TABLE WHERE VALUE LIKE '%SOME%BEGIN%'")
2908+ 'SELECT%20NAME%20FROM%20TABLE%20WHERE%20VALUE%20LIKE%20%27%25SOME%25BEGIN%25%27'
29072909 """
29082910
29092911 if conf .get ("direct" ):
@@ -2928,7 +2930,7 @@ def urlencode(value, safe="%&=-_", convall=False, limit=False, spaceplus=False):
29282930 # encoded (when not representing URL encoded char)
29292931 # except in cases when tampering scripts are used
29302932 if all ('%' in _ for _ in (safe , value )) and not kb .tamperFunctions :
2931- value = re .sub (r"(?<= ')%" , "%25" , value ) # e.g. LIKE '%DBA%'
2933+ value = re .sub (r"(?i)\bLIKE\s+'[^']+'" , lambda match : match . group ( 0 ). replace ( '%' , "%25" ) , value )
29322934 value = re .sub (r"%(?![0-9a-fA-F]{2})" , "%25" , value )
29332935
29342936 while True :
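Review bot: The new LIKE regex on line 2933 bounds the literal with `[^']+`, so a pattern containing an escaped quote (`LIKE 'O''Brien%DBA%'`) is matched only up to the first inner `'`, and the `%` after it falls back to the generic `%(?![0-9a-fA-F]{2})` rule on line 2934, which leaves `%DB`-style sequences untouched — the same class of case the added doctest for `'%SOME%BEGIN%'` is meant to fix. Suggest `value = re.sub(r"(?i)\bI?LIKE\s+'(?:[^']|'')*'", lambda match: match.group(0).replace('%', "%25"), value)`, which also picks up PostgreSQL `ILIKE` that `\bLIKE` currently skips. Note too that every `%` inside a matched literal is now rewritten unconditionally, so a value that already carries `%25` there would be double-encoded; the `kb.tamperFunctions` guard presumably covers the tamper-script case, but a doctest pinning the result for `LIKE '%25DBA%25'` would make the intended behaviour explicit. The body of urlencode starts before the first hunk and continues past the `while True:` line.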