-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Change REQUEST_FILENAME behavior #3048
Conversation
Quality Gate passedKudos, no new issues were introduced! 0 New issues |
I don't know why I didn't make a pr, even make a issue. However, our version is patched in 2022: // It's patched just the use of --- src/transaction.cc 2022-03-19 13:59:14.000000000 +0800
+++ /tmp/transaction.cc 2024-02-02 17:46:05.000000000 +0800
@@ -463,6 +463,14 @@ int Transaction::processURI(const char *
size_t pos_raw_query = uri_s.find("?");
+ std::string path_info_raw;
+ if (pos_raw_query == std::string::npos) {
+ path_info_raw = std::string(uri_s, 0);
+ } else {
+ path_info_raw = std::string(uri_s, 0, pos_raw_query);
+ }
+ std::string path_info = utils::uri_decode(path_info_raw);
+
m_uri_decoded = utils::uri_decode(uri_s);
size_t var_size = pos_raw_query;
@@ -477,14 +485,6 @@ int Transaction::processURI(const char *
m_variableRequestProtocol.set("HTTP/" + std::string(http_version),
m_variableOffset + requestLine.size() + 1);
-
- std::string path_info;
- if (pos_raw_query == std::string::npos) {
- path_info = std::string(uri_s, 0);
- } else {
- path_info = std::string(uri_s, 0, pos_raw_query);
- }
- path_info = utils::uri_decode(path_info);
m_uri_no_query_string_decoded = std::unique_ptr<std::string>(
new std::string(path_info));
@@ -496,6 +496,7 @@ int Transaction::processURI(const char * Should I review all our changes, and try to make PR or issue? |
Well, there are a few of us who walk this path :)
Sure, let's see and discuss it. Also, there is a channel on OWASP's Slack where you can join to - the name is |
No description provided.