Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit f5c422e

Browse files
stamparmstamparm
committed
updated and renamed sanitizeCookie to urlEncodeCookieValues because of it's different nature than before
1 parent 505647b commit f5c422e

2 files changed

Lines changed: 10 additions & 9 deletions

File tree

lib/core/common.py

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@
3939
from lib.core.data import paths
4040
from lib.core.data import queries
4141
from lib.core.data import temp
42+
from lib.core.convert import urlencode
4243
from lib.core.exception import sqlmapFilePathException
4344
from lib.core.settings import IS_WIN
4445
from lib.core.settings import SQL_STATEMENTS
@@ -810,24 +811,24 @@ def searchEnvPath(fileName):
810811

811812
return result
812813

813-
def sanitizeCookie(cookieStr, warn=False):
814+
def urlEncodeCookieValues(cookieStr, warn=False):
814815
if cookieStr:
815816
result = ""
816817
changed = False
817818
for part in cookieStr.split(';'):
818819
index = part.find('=') + 1
819820
if index > 0:
820821
name = part[:index - 1].strip()
821-
value = part[index:].replace(",","%2C").replace(";","%3B").replace(" ","%20")
822+
value = urlencode(part[index:], convall=True)
822823
if value != part[index:]:
823824
changed = True
824-
result += ";%s=%s" % (name, value)
825+
result += "; %s=%s" % (name, value)
825826
elif part.strip().lower() != "secure":
826-
result += "%s%s" % ("%3B", part.replace(",","%2C").replace(";","%3B").replace(" ","%20"))
827+
result += "%s%s" % ("%3B", urlencode(part, convall=True))
827828
else:
828-
result += ";secure"
829-
if result.startswith(';'):
830-
result = result[1:]
829+
result += "; secure"
830+
if result.startswith('; '):
831+
result = result[2:]
831832
elif result.startswith('%3B'):
832833
result = result[3:]
833834
if changed and warn:

lib/request/basic.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@
2929
import zlib
3030

3131
from lib.core.common import directoryPath
32-
from lib.core.common import sanitizeCookie
32+
from lib.core.common import urlEncodeCookieValues
3333
from lib.core.data import conf
3434
from lib.core.data import kb
3535
from lib.parse.headers import headersParser
@@ -46,7 +46,7 @@ def forgeHeaders(cookie, ua):
4646
for header, value in conf.httpHeaders:
4747
if cookie and header == "Cookie":
4848
if conf.cookieUrlencode:
49-
cookie = sanitizeCookie(cookie)
49+
cookie = urlEncodeCookieValues(cookie)
5050

5151
headers[header] = cookie
5252
elif ua and header == "User-Agent":

0 commit comments

Comments
 (0)