search

HavocFramework / Havoc

The Havoc Framework.
GNU General Public License v3.0
6.3k stars 905 forks source link

Hostheader #458

Closed d0UBleW closed 4 months ago

d0UBleW commented 5 months ago

Added Listener HTTP HostHeader field to be configurable via profile.

Configuring Host header via Headers field does not work as expected as the gin package parses the Host header to Context.Request.Host instead of Context.Request.Header. The fix is to use existing HTTPConfig.HostHeader field from the listener configuration and compare it to Context.Request.Host.

As for setup using redirector, the HTTP request Host header field could be retrieved from X-Forwarded-Host since it is mentioned to be de-facto standard on mdn web docs

Cracked5pider commented 4 months ago

can you push it to the dev branch? besides that it looks good 👀

d0UBleW commented 4 months ago

Based on past PRs, I assume I just create another PR directly targeting dev?

This is my first PR, so not quite sure 😅

Cracked5pider commented 4 months ago

haha yes please change the target branch to be dev. a great first pr btw :P

d0UBleW commented 4 months ago

Alright, I have created another PR here. I will be closing this PR. Thank you!