Open GoogleCodeExporter opened 9 years ago
Another NPE:
Scanner Information disclosure - sensitive informations on HTTP Referrer header
failed on record 199 from History table
java.lang.NullPointerException
at org.zaproxy.zap.extension.pscan.scanner.InformationDisclosureReferrerScanner.scanHttpRequestSend(InformationDisclosureReferrerScanner.java:47)
at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:110)
I think line 47 should be:
if (referrer != null && referrer.size() > 0 && referrer.get(0).indexOf("?") >
0) {
Original comment by psii...@gmail.com
on 19 Mar 2012 at 2:38
For the CrossDomainScriptInclusionScanner I probably have the answer, just
waiting for a comment from THC to get it commited.
For the InformationDisclosureReferrerScanner, I have added on line 45 :
msg.getRequestHeader().getHeader(HttpHeader.REFERER)!= null
I think it should correct that.
Original comment by desousa.vitor
on 20 Mar 2012 at 10:14
Original issue reported on code.google.com by
psii...@gmail.com
on 19 Mar 2012 at 11:20