sleeyax / burp-awesome-tls

Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
GNU General Public License v3.0

Cannot have multiple response headers w/ same name #17

Closed AlecHaring closed 2 years ago

AlecHaring commented 2 years ago

If the response contains multiple cookies w/ the same name (such as set-cookie), only one is returned.

Set overwrites the header's value, if a header with that key already exists: https://github.com/sleeyax/burp-awesome-tls/blob/08fce6f79867de4568c1abb4d9690a318ac16820/src-go/server/server.go#L52-L55

Add could be used instead, but maybe instead of looping through all the headers and copying them that way, it would be better to just copy the Header instance from res to w?

sleeyax commented 2 years ago

Good catch, thanks. We can't do something like res.Header.Write(w) because that would write the headers to the body instead of actually setting the HTTP headers in the response. Or what did you have in mind to shorten this, exactly? Suggestions are welcome.

sleeyax commented 2 years ago

Replaced Set with Add. Though if you have another approach/improvement, let me know or create a PR to include it in the next release.

AlecHaring commented 2 years ago

> Or what did you have in mind to shorten this, exactly?

I was thinking we could call res.Header.Clone() and then swap the instance of the ResponseWriter w/ the cloned Header, but it does not look like there's a clean way to do it

AlecHaring commented 2 years ago

It seems like even after your fix, this issue is still not fully fixed. res.Header.Get(k) only returns the first value of the given key. I'll open a PR with a fix

sleeyax commented 2 years ago

Closed in https://github.com/sleeyax/burp-awesome-tls/pull/18
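
The header-copy behaviours discussed in this thread, as an added example that is not the project's code and is not taken from the linked PR: it uses the standard library's `net/http` and `httptest`, the function names are hypothetical, and the cookie values are constructed. It compares `Set` per value, `Add` combined with `Get`, and `Add` over every value, and shows which `Set-Cookie` lines reach the client in each case.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// upstreamHeaders returns a constructed upstream header set with two Set-Cookie values.
func upstreamHeaders() http.Header {
	return http.Header{"Set-Cookie": {"session=abc; HttpOnly", "csrf=xyz; Secure"}}
}

// copyWithSet overwrites on every call, so only the last value per key survives.
func copyWithSet(dst, src http.Header) {
	for k, vs := range src {
		for _, v := range vs {
			dst.Set(k, v)
		}
	}
}

// copyWithAddGet uses Add, but Get returns only the first value for a key.
func copyWithAddGet(dst, src http.Header) {
	for k := range src {
		dst.Add(k, src.Get(k))
	}
}

// copyAll adds every value of every key, preserving repeated headers.
func copyAll(dst, src http.Header) {
	for k, vs := range src {
		for _, v := range vs {
			dst.Add(k, v)
		}
	}
}

// cookiesAfter applies one copy strategy to a fresh ResponseWriter and returns its Set-Cookie values.
func cookiesAfter(copyFn func(dst, src http.Header)) []string {
	w := httptest.NewRecorder()
	copyFn(w.Header(), upstreamHeaders())
	return w.Result().Header.Values("Set-Cookie")
}

func main() {
	fmt.Println(cookiesAfter(copyWithSet), cookiesAfter(copyWithAddGet), cookiesAfter(copyAll))
}
```

In an intercepting proxy, either lossy variant hides cookies the upstream server actually set, so the session state seen in Burp no longer matches what a browser would hold.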