diff options
| author | sulfastor <torresmoisesa@gmail.com> | 2019-05-30 10:01:24 +0200 |
|---|---|---|
| committer | Darshit Shah <darnir@gnu.org> | 2019-05-30 10:01:24 +0200 |
| commit | 4ce2f93600827f47f7fea5e7eeb224232cef3c3d (patch) | |
| tree | 0240dc6fd1ebb965012a74b76a9da5c694dd4820 /fuzz | |
| parent | 0cdbc715a9fae00a51609520ad92ceaa20bd0939 (diff) | |
| download | wget-4ce2f93600827f47f7fea5e7eeb224232cef3c3d.tar.gz | |
Hi, Thank you again Darshit for your response. The RejectHeaderField rule rejects ANY header
of the header field while RejectHeader rejects ONLY the specified full header.
Since we wanted to be sure a header field is not sent to the server we wrote this rule.
* doc/wget.texi: Added --disable-header documentation.
* fuzz/wget_options_fuzzer.dict: Update with --disable-header inputs.
* src/http.c (disabled_header): Checks for disabled headers
(request_set_header): Doesn't let header to be set if disabled
(gethttp): frees disabled header to let overriding
* src/init.c (cmd_dis_header), (check_user_disabled_header) added new option disabled_headers.
* src/main.c: added new option --disable-header, added help description
* src/options.h: added new option --disable-header
* src/utils.h (vec_remove_header)
* src/utils.c (vec_remove_header) removes all header instances from vector
* testenv/Makefile.am: Added new test files
* testenv/server/http/http_server.py: Added new rule RejectHeaderField
* testenv/conf/reject_header_field.py: Added new rule RejectHeaderField
* testenv/README: Added help description for new rule
* testenv/Test-disable-default-headers.py: Test without using --header
* testenv/Test-disable-headers-after.py: Test using --header before --disable-header
* testenv/Test-disable-headers-before.py: Test using --header after --disable-header
Signed-off-by: sulfastor <torresmoisesa@gmail.com>, adham elkarn <adhamelkarn@hotmail.com>
Diffstat (limited to 'fuzz')
| -rw-r--r-- | fuzz/wget_options_fuzzer.dict | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/fuzz/wget_options_fuzzer.dict b/fuzz/wget_options_fuzzer.dict index 9a2dbd8e..12d54d60 100644 --- a/fuzz/wget_options_fuzzer.dict +++ b/fuzz/wget_options_fuzzer.dict @@ -30,6 +30,22 @@ "human" "csv" "json" +"Authorization" +"User-Agent" +"Referer" +"Cache-Control" +"Pragma" +"If-Modified-Since" +"Range" +"Accept" +"Accept-Encoding" +"Host" +"Connection" +"Proxy-Connection" +"Content-Type" +"Content-Length" +"Proxy-Authorization" +"Cookie" "accept=" "accept-regex=" "adjust-extension=" @@ -66,6 +82,7 @@ "delete-after=" "directories=" "directory-prefix=" +"disable-header=" "dns-caching=" "dns-timeout=" "domains=" |