From 7caa6a38b8ad30f62fe86b5c0b23bf78b1e61ba0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20K=C3=A4hn?= <tkaehn@users.noreply.github.com>
Date: Wed, 23 Oct 2019 14:12:10 +0200
Subject: [PATCH 1/2] HEADERFILE ends on first newline.

Otherwise 'IPv4 address in header' shows body content.
---
 testssl.sh | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/testssl.sh b/testssl.sh
index 36914d3..5fef023 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -2175,10 +2175,8 @@ run_http_header() {
      # Populate vars for HTTP time
      debugme echo "$NOW_TIME: $HTTP_TIME"
 
-     # delete from pattern til the end. We ignore any leading spaces (e.g. www.amazon.de)
-     sed -e '/<HTML>/,$d' -e '/<html>/,$d' -e '/<\!DOCTYPE/,$d' -e '/<\!doctype/,$d' \
-         -e '/<XML/,$d' -e '/<xml/,$d' -e '/<\?XML/,$d' -e '/<?xml/,$d' $HEADERFILE >$HEADERFILE.tmp
-         # ^^^ Attention: filtering is for html body only as of now, doesn't work for other content yet
+     # Quit on first empty line
+     sed -e '/^$/q' $HEADERFILE >$HEADERFILE.tmp
      mv $HEADERFILE.tmp $HEADERFILE
 
      HTTP_STATUS_CODE=$(awk '/^HTTP\// { print $2 }' $HEADERFILE 2>>$ERRFILE)

From 0cfd30f8b83a1c0ff87b747c81c7a8cb2672a4f4 Mon Sep 17 00:00:00 2001
From: Dirk Wetter <dirk@testssl.sh>
Date: Sat, 26 Oct 2019 13:13:10 +0200
Subject: [PATCH 2/2] make filtering for header more robust

... by re-adding the former filters after ``sed '/^$q'``
---
 testssl.sh | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/testssl.sh b/testssl.sh
index 5fef023..3a323b3 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -2175,9 +2175,12 @@ run_http_header() {
      # Populate vars for HTTP time
      debugme echo "$NOW_TIME: $HTTP_TIME"
 
-     # Quit on first empty line
+     # Quit on first empty line to catch 98% of the cases
      sed -e '/^$/q' $HEADERFILE >$HEADERFILE.tmp
-     mv $HEADERFILE.tmp $HEADERFILE
+     # Now to be more sure delete from ~html patterns until the end. We ignore any leading spaces (e.g. www.amazon.de)
+     sed -e '/<HTML>/,$d' -e '/<html>/,$d' -e '/<\!DOCTYPE/,$d' -e '/<\!doctype/,$d' \
+         -e '/<XML/,$d' -e '/<xml/,$d' -e '/<\?XML/,$d' -e '/<?xml/,$d' $HEADERFILE.tmp >$HEADERFILE
+         # ^^^ Attention: filtering is for ~html body only as of now
 
      HTTP_STATUS_CODE=$(awk '/^HTTP\// { print $2 }' $HEADERFILE 2>>$ERRFILE)
      msg_thereafter=$(awk -F"$HTTP_STATUS_CODE" '/^HTTP\// { print $2 }' $HEADERFILE 2>>$ERRFILE)   # dirty trick to use the status code as a