@@ -3622,21 +3622,23 @@ def decodeStringEscape(value):
36223622 retVal = value
36233623
36243624 if value and '\\ ' in value :
3625- if isinstance (value , unicode ):
3626- retVal = retVal .encode (UNICODE_ENCODING )
3625+ charset = "\\ %s" % string .whitespace .replace (" " , "" )
3626+ for _ in charset :
3627+ retVal = retVal .replace (repr (_ ).strip ("'" ), _ )
36273628
3628- try :
3629- retVal = codecs .escape_decode (retVal )[0 ]
3630- except :
3631- try :
3632- retVal = retVal .decode ("string_escape" )
3633- except :
3634- charset = string .whitespace .replace (" " , "" )
3635- for _ in charset :
3636- retVal = retVal .replace (repr (_ ).strip ("'" ), _ )
3629+ return retVal
36373630
3638- if isinstance (value , unicode ):
3639- retVal = getUnicode (retVal )
3631+ def encodeStringEscape (value ):
3632+ """
3633+ Encodes escaped string values (e.g. "\t " -> "\\ t")
3634+ """
3635+
3636+ retVal = value
3637+
3638+ if value :
3639+ charset = "\\ %s" % string .whitespace .replace (" " , "" )
3640+ for _ in charset :
3641+ retVal = retVal .replace (_ , repr (_ ).strip ("'" ))
36403642
36413643 return retVal
36423644
@@ -3656,7 +3658,7 @@ def _(value):
36563658 return value
36573659
36583660 payload = getUnicode (urldecode (payload .replace (PAYLOAD_DELIMITER , "" ), convall = True ))
3659- regex = _ (filterStringValue (payload , r"[A-Za-z0-9]" , REFLECTED_REPLACEMENT_REGEX . encode ( "string_escape" )))
3661+ regex = _ (filterStringValue (payload , r"[A-Za-z0-9]" , encodeStringEscape ( REFLECTED_REPLACEMENT_REGEX )))
36603662
36613663 if regex != payload :
36623664 if all (part .lower () in content .lower () for part in filterNone (regex .split (REFLECTED_REPLACEMENT_REGEX ))[1 :]): # fast optimization check
0 commit comments