[BUG] Mishandling of whitespace for supplied request headers

[soutzis]

Describe the bug When manually supplying headers (-H option) for a scan, feroxbuster does not gracefully handle whitespace and will add one (1) additional whitespace character after the Host: prefix.

To Reproduce Start a scan while supplying the host header with the -H flag. You can capture the request with your proxy server and observe that there will always be n+1 whitespace characters, where n is the amount of whitespace characters supplied by the user.

Expected behavior Ideally, the excess whitespace should be stripped. When no whitespace is provided, the tool correctly adds a whitespace character and that functionality should be preserved.

Traceback / Error Output The above command shows that 1 space is added after the Host HTTP header, as is normally expected.

The screenshot shows (highlighted in red) that an additional whitespace character is added.

Environment (please complete the following information):

• Feroxbuster 2.10.2 (bug observed in previous versions as well)
• Windows 11

[epi052]

howdy and thanks for submitting!

is it only the host header?

[soutzis]

Just checked, it seems that it's all headers added manually.

[epi052]

Yea, I jumped the gun asking. It's an easy fix, I'm just trying to set it up to handle this case specifically and still allow for intentional leading whitespace

[epi052]

@all-contributors add @soutzis for bug

[allcontributors[bot]]

@epi052

I've put up a pull request to add @soutzis! :tada: