Skip to content

Commit

Permalink
Fix content type parsing error, improve regexp search performance, st…
Browse files Browse the repository at this point in the history
…rip header names and values.
  • Loading branch information
buffermet committed Oct 4, 2020
1 parent dd08976 commit 0a0cefc
Show file tree
Hide file tree
Showing 2 changed files with 101 additions and 54 deletions.
86 changes: 54 additions & 32 deletions modules/http_proxy/http_proxy_js_request.go
Original file line number Diff line number Diff line change
Expand Up @@ -94,27 +94,44 @@ func (j *JSRequest) WasModified() bool {
func (j *JSRequest) GetHeader(name, deflt string) string {
headers := strings.Split(j.Headers, "\r\n")
for i := 0; i < len(headers); i++ {
header_name := header_regexp.ReplaceAllString(headers[i], "$1")
header_value := header_regexp.ReplaceAllString(headers[i], "$2")

if strings.ToLower(name) == strings.ToLower(header_name) {
return header_value
if headers[i] != "" {
header_parts := header_regexp.FindAllSubmatch([]byte(headers[i]), 1)
if len(header_parts) != 0 && len(header_parts[0]) == 3 {
header_name := string(header_parts[0][1])
header_value := string(header_parts[0][2])

if strings.ToLower(name) == strings.ToLower(header_name) {
return header_value
}
}
}
}
return deflt
}

func (j *JSRequest) SetHeader(name, value string) {
name = strings.TrimSpace(name)
value = strings.TrimSpace(value)

if strings.ToLower(name) == "content-type" {
j.ContentType = value;
}

headers := strings.Split(j.Headers, "\r\n")
for i := 0; i < len(headers); i++ {
header_name := header_regexp.ReplaceAllString(headers[i], "$1")
header_value := header_regexp.ReplaceAllString(headers[i], "$2")

if strings.ToLower(name) == strings.ToLower(header_name) {
old_header := header_name + ": " + header_value + "\r\n"
new_header := header_name + ": " + value + "\r\n"
j.Headers = strings.Replace(j.Headers, old_header, new_header, 1)
return
if headers[i] != "" {
header_parts := header_regexp.FindAllSubmatch([]byte(headers[i]), 1)
if len(header_parts) != 0 && len(header_parts[0]) == 3 {
header_name := string(header_parts[0][1])
header_value := string(header_parts[0][2])

if strings.ToLower(name) == strings.ToLower(header_name) {
old_header := header_name + ": " + header_value + "\r\n"
new_header := name + ": " + value + "\r\n"
j.Headers = strings.Replace(j.Headers, old_header, new_header, 1)
return
}
}
}
}
j.Headers += name + ": " + value + "\r\n"
Expand All @@ -123,13 +140,18 @@ func (j *JSRequest) SetHeader(name, value string) {
func (j *JSRequest) RemoveHeader(name string) {
headers := strings.Split(j.Headers, "\r\n")
for i := 0; i < len(headers); i++ {
header_name := header_regexp.ReplaceAllString(headers[i], "$1")
header_value := header_regexp.ReplaceAllString(headers[i], "$2")

if strings.ToLower(name) == strings.ToLower(header_name) {
removed_header := header_name + ": " + header_value + "\r\n"
j.Headers = strings.Replace(j.Headers, removed_header, "", 1)
return
if headers[i] != "" {
header_parts := header_regexp.FindAllSubmatch([]byte(headers[i]), 1)
if len(header_parts) != 0 && len(header_parts[0]) == 3 {
header_name := string(header_parts[0][1])
header_value := string(header_parts[0][2])

if strings.ToLower(name) == strings.ToLower(header_name) {
removed_header := header_name + ": " + header_value + "\r\n"
j.Headers = strings.Replace(j.Headers, removed_header, "", 1)
return
}
}
}
}
}
Expand Down Expand Up @@ -179,26 +201,26 @@ func (j *JSRequest) ToRequest() (req *http.Request) {
req, _ = http.NewRequest(j.Method, url, strings.NewReader(j.Body))
}

hadType := false

headers := strings.Split(j.Headers, "\r\n")
for i := 0; i < len(headers); i++ {
if headers[i] != "" {
header_name := header_regexp.ReplaceAllString(headers[i], "$1")
header_value := header_regexp.ReplaceAllString(headers[i], "$2")

req.Header.Set(header_name, header_value)
if strings.ToLower(header_name) == "content-type" {
hadType = true
header_parts := header_regexp.FindAllSubmatch([]byte(headers[i]), 1)
if len(header_parts) != 0 && len(header_parts[0]) == 3 {
header_name := string(header_parts[0][1])
header_value := string(header_parts[0][2])

if strings.ToLower(header_name) == "content-type" {
if header_value != j.ContentType {
req.Header.Set(header_name, j.ContentType)
continue
}
}
req.Header.Set(header_name, header_value)
}
}
}

req.RemoteAddr = j.Client["IP"]

if !hadType && j.ContentType != "" {
req.Header.Set("Content-Type", j.ContentType)
}

return
}
69 changes: 47 additions & 22 deletions modules/http_proxy/http_proxy_js_response.go
Original file line number Diff line number Diff line change
Expand Up @@ -79,27 +79,44 @@ func (j *JSResponse) WasModified() bool {
func (j *JSResponse) GetHeader(name, deflt string) string {
headers := strings.Split(j.Headers, "\r\n")
for i := 0; i < len(headers); i++ {
header_name := header_regexp.ReplaceAllString(headers[i], "$1")
header_value := header_regexp.ReplaceAllString(headers[i], "$2")
if headers[i] != "" {
header_parts := header_regexp.FindAllSubmatch([]byte(headers[i]), 1)
if len(header_parts) != 0 && len(header_parts[0]) == 3 {
header_name := string(header_parts[0][1])
header_value := string(header_parts[0][2])

if strings.ToLower(name) == strings.ToLower(header_name) {
return header_value
if strings.ToLower(name) == strings.ToLower(header_name) {
return header_value
}
}
}
}
return deflt
}

func (j *JSResponse) SetHeader(name, value string) {
name = strings.TrimSpace(name)
value = strings.TrimSpace(value)

if strings.ToLower(name) == "content-type" {
j.ContentType = value
}

headers := strings.Split(j.Headers, "\r\n")
for i := 0; i < len(headers); i++ {
header_name := header_regexp.ReplaceAllString(headers[i], "$1")
header_value := header_regexp.ReplaceAllString(headers[i], "$2")

if strings.ToLower(name) == strings.ToLower(header_name) {
old_header := header_name + ": " + header_value + "\r\n"
new_header := header_name + ": " + value + "\r\n"
j.Headers = strings.Replace(j.Headers, old_header, new_header, 1)
return
if headers[i] != "" {
header_parts := header_regexp.FindAllSubmatch([]byte(headers[i]), 1)
if len(header_parts) != 0 && len(header_parts[0]) == 3 {
header_name := string(header_parts[0][1])
header_value := string(header_parts[0][2])

if strings.ToLower(name) == strings.ToLower(header_name) {
old_header := header_name + ": " + header_value + "\r\n"
new_header := name + ": " + value + "\r\n"
j.Headers = strings.Replace(j.Headers, old_header, new_header, 1)
return
}
}
}
}
j.Headers += name + ": " + value + "\r\n"
Expand All @@ -108,13 +125,18 @@ func (j *JSResponse) SetHeader(name, value string) {
func (j *JSResponse) RemoveHeader(name string) {
headers := strings.Split(j.Headers, "\r\n")
for i := 0; i < len(headers); i++ {
header_name := header_regexp.ReplaceAllString(headers[i], "$1")
header_value := header_regexp.ReplaceAllString(headers[i], "$2")

if strings.ToLower(name) == strings.ToLower(header_name) {
removed_header := header_name + ": " + header_value + "\r\n"
j.Headers = strings.Replace(j.Headers, removed_header, "", 1)
return
if headers[i] != "" {
header_parts := header_regexp.FindAllSubmatch([]byte(headers[i]), 1)
if len(header_parts) != 0 && len(header_parts[0]) == 3 {
header_name := string(header_parts[0][1])
header_value := string(header_parts[0][2])

if strings.ToLower(name) == strings.ToLower(header_name) {
removed_header := header_name + ": " + header_value + "\r\n"
j.Headers = strings.Replace(j.Headers, removed_header, "", 1)
return
}
}
}
}
}
Expand All @@ -130,10 +152,13 @@ func (j *JSResponse) ToResponse(req *http.Request) (resp *http.Response) {
headers := strings.Split(j.Headers, "\r\n")
for i := 0; i < len(headers); i++ {
if headers[i] != "" {
header_name := header_regexp.ReplaceAllString(headers[i], "$1")
header_value := header_regexp.ReplaceAllString(headers[i], "$2")
header_parts := header_regexp.FindAllSubmatch([]byte(headers[i]), 1)
if len(header_parts) != 0 && len(header_parts[0]) == 3 {
header_name := string(header_parts[0][1])
header_value := string(header_parts[0][2])

resp.Header.Add(header_name, header_value)
resp.Header.Add(header_name, header_value)
}
}
}

Expand Down

0 comments on commit 0a0cefc

Please sign in to comment.