Hi Andres:
We talked on IRC a couple weeks ago about how I might be able to help out w3af,
and you gave me an easy bug that didn't require much knowledge of the internals
to fix.
http://sourceforge.net/tracker/?func=detail&aid=2675986&group_id=170274&atid=853652
I'm attaching a small patch that should fix it. There was a statement
validating some of the page content a couple lines up from this one, but since
it was a logically different check I just added a new statement.
Anyway, sorry it took so long to get it to you, things were more busy than I
expected. I'd like to do some more things to help out if possible. Let me
know if there are any other relatively contained bugs I can help with until I
get a better feel for the framework.
Thanks,
Aaron
ps. Also, let me know if you'd prefer .diff's in a different format in the
future
--- privateIP.py.orig 2009-04-09 17:46:00.000000000 -0400
+++ privateIP.py 2009-04-09 17:45:17.000000000 -0400
@@ -92,6 +92,11 @@
('192.168.' in response) or ('169.254.' in response)):
return
+ # Some proxy servers will return errors that include headers in the body
+ # along with the client IP
+ if 'X-Forwarded-For: ' in response:
+ return
+
for regex in self._regex_list:
for match in regex.findall(response.getBody()):
match = match.strip()
------------------------------------------------------------------------------
Stay on top of everything new and different, both inside and
around Java (TM) technology - register by April 22, and save
$200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco.
300 plus technical and hands-on sessions. Register today.
Use priority code J9JMT32. http://p.sf.net/sfu/p
_______________________________________________
W3af-develop mailing list
W3af-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/w3af-develop
