On Sat, Mar 14, 2009 at 05:46:07PM +0100, Achim Hoffmann wrote: > Andres, > > !! GET https://target/ HTTP/1.1 > > !! Host: extranet > > !! > > !! 302... > > !! location: https://extranet/extranet-login.jsp > > > I don't understand what this has to do with vhosts.
It doesn't particularly. vhost discovery plugin is just one of the things that get screwed by this unfortunate feature == blindly following 302's. > Either the contacted web server acts as a open proxy or passes the request to > the extranet host. No, the web server returns a 302 with a Location of a different web server. w3af then requests the location from the new web server before returning the result to the plugin in question. /olle ------------------------------------------------------------------------------ Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are powering Web 2.0 with engaging, cross-platform capabilities. Quickly and easily build your RIAs with Flex Builder, the Eclipse(TM)based development software that enables intelligent coding and step-through debugging. Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
