minight
commented
3 years ago Are you suggesting matching the status code of the final path instead/in addition to the original response
If so. We currently don't support it but I think it's a valid matching case that can be built in.
The max redirects option dictates how many redirects to follow. Not which redirect will be matched on.
It might be worthwhile adding a flag that analyses the Nth request in a redirect chain against baselines. Something like --validate-redirect where options are like off, all, last and N where n is a positive integer corresponding to the nth request to match.
johnnich10
Hello,
Thanks for authoring this tool. While performing testing, I noticed that the tool shows abnormally number of 301 and 302 redirects which eventually are leading to 404.
I'm currently running with
-A=raft-large-words -A=apiroutes-210228:20000 --fail-status-codes 400,401,404,403,501,502,426,411,503and I find that, if the kiterunner encounters a path like
/test/which issues a 301 or 302 redirection to/testwhich throws 404 status code. The kiterunner would log it as a 301 entry on stdout because it sees the first redirection, and it does this for lots of redirects similar to this cluttering the stdout.I tested against multiple domains, and lots of web-server redirects
/test/(directory request) to/test(file request).I saw that there was a setting called
--max-redirects, I set it to larger value but didn't help either.I'm expecting a behavior where KiteRunner not only follows the redirect "but" also checks the status code of the redirected url and match it against the fail status code. I cannot find any functionality to aid this. Also, going down to further redirects level would also be nice (I thought --max-redirects would stop this, but it didn't.. weird and this is like only 1 redirection).
Either I might have missed it or either it's not implemented (?) . Please help and thanks for all the hard work!