Merge pull request #260 from seccubus/feature/redirect_test
Redirect test that doesn't depend om JSON/CSV output
This commit is contained in:
commit
0d53013c47
|
@ -66,6 +66,9 @@
|
||||||
* Dmitri S
|
* Dmitri S
|
||||||
- inspiration & help for Darwin port
|
- inspiration & help for Darwin port
|
||||||
|
|
||||||
|
* Frank Breedijk
|
||||||
|
- Detection of insecure redirect
|
||||||
|
|
||||||
* Bug reports:
|
* Bug reports:
|
||||||
- Viktor Szépe, Olivier Paroz, Jan H. Terstegge, Lorenz Adena, Jonathon Rossi, Stefan Stidl
|
- Viktor Szépe, Olivier Paroz, Jan H. Terstegge, Lorenz Adena, Jonathon Rossi, Stefan Stidl
|
||||||
|
|
||||||
|
|
|
@ -643,7 +643,14 @@ run_http_header() {
|
||||||
|
|
||||||
out " $status_code$msg_thereafter"
|
out " $status_code$msg_thereafter"
|
||||||
case $status_code in
|
case $status_code in
|
||||||
301|302|307|308) out ", redirecting to \"$(grep -a '^Location' $HEADERFILE | sed 's/Location: //' | tr -d '\r\n')\"" ;;
|
301|302|307|308)
|
||||||
|
out ", redirecting to \"$(grep -a '^Location' $HEADERFILE | sed 's/Location: //' | tr -d '\r\n')\""
|
||||||
|
if [[ ( $redirect == https* ) || ( $redirect == /* ) ]]; then
|
||||||
|
# Ok
|
||||||
|
else
|
||||||
|
pr_litered " -- Redirect to insecure url (NOT ok)"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
200) ;;
|
200) ;;
|
||||||
206) out " -- WTF?" ;;
|
206) out " -- WTF?" ;;
|
||||||
400) pr_litemagenta " (Hint: better try another URL)" ;;
|
400) pr_litemagenta " (Hint: better try another URL)" ;;
|
||||||
|
|
Loading…
Reference in New Issue