Closed soutzis closed 2 months ago
howdy and thanks for submitting!
is it only the host header?
Just checked, it seems that it's all headers added manually.
Yea, I jumped the gun asking. It's an easy fix, I'm just trying to set it up to handle this case specifically and still allow for intentional leading whitespace
@all-contributors add @soutzis for bug
@epi052
I've put up a pull request to add @soutzis! :tada:
Describe the bug When manually supplying headers (
-H
option) for a scan, feroxbuster does not gracefully handle whitespace and will add one (1) additional whitespace character after theHost:
prefix.To Reproduce Start a scan while supplying the host header with the
-H
flag. You can capture the request with your proxy server and observe that there will always be n+1 whitespace characters, where n is the amount of whitespace characters supplied by the user.Expected behavior Ideally, the excess whitespace should be stripped. When no whitespace is provided, the tool correctly adds a whitespace character and that functionality should be preserved.
Traceback / Error Output
The above command shows that 1 space is added after the
Host
HTTP header, as is normally expected.Environment (please complete the following information):