!! > When a server redirects requests with a 302, vhost discovery gets confused. !! !! So the bug is basically that w3af follows 302 redirects off-site. !! This could potentially be problematic in other cases as well. !! !! This bug also means that you get false positives for vhost discovery when !! the tested vhost exists and the target host redirects requests for "/".
there should be a list of valid destination to follow, as well as a redirect limit (default 5 or so). Achim ------------------------------------------------------------------------------ Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
