[http_splitting] Better reason message

2017-10-10 15:12:16 +03:00 · 2017-10-10 15:12:16 +03:00 · 05d4915901
parent ddd232a6b1
commit 05d4915901
1 changed files with 8 additions and 3 deletions
--- a/gixy/plugins/http_splitting.py
+++ b/gixy/plugins/http_splitting.py
@ -19,7 +19,7 @@ class http_splitting(Plugin):

    summary = 'Possible HTTP-Splitting vulnerability.'
    severity = gixy.severity.HIGH
-    description = 'Using variables that can contain "\\n" may lead to http injection.'
+    description = 'Using variables that can contain "\\n" or "\\r" may lead to http injection.'
    help_url = 'https://github.com/yandex/gixy/blob/master/docs/en/plugins/httpsplitting.md'
    directives = ['rewrite', 'return', 'add_header', 'proxy_set_header', 'proxy_pass']

@ -29,9 +29,14 @@ class http_splitting(Plugin):
            return

        for var in compile_script(value):
-            if not var.can_contain('\n') and not var.can_contain('\r'):
+            char = ''
+            if var.can_contain('\n'):
+                char = '\\n'
+            elif var.can_contain('\r'):
+                char = '\\r'
+            else:
                continue
-            reason = 'At least variable "${var}" can contain "\\n"'.format(var=var.name)
+            reason = 'At least variable "${var}" can contain "{char}"'.format(var=var.name, char=char)
            self.add_issue(directive=[directive] + var.providers, reason=reason)