[http_splitting] Better reason message

jjsdub556 · Oct 10, 2017 · 05d4915 · 05d4915
1 parent ddd232a
commit 05d4915
Showing 1 changed file with 8 additions and 3 deletions.
diff --git a/gixy/plugins/http_splitting.py b/gixy/plugins/http_splitting.py
@@ -19,7 +19,7 @@ class http_splitting(Plugin):
 
     summary = 'Possible HTTP-Splitting vulnerability.'
     severity = gixy.severity.HIGH
-    description = 'Using variables that can contain "\\n" may lead to http injection.'
+    description = 'Using variables that can contain "\\n" or "\\r" may lead to http injection.'
     help_url = 'https://github.com/yandex/gixy/blob/master/docs/en/plugins/httpsplitting.md'
     directives = ['rewrite', 'return', 'add_header', 'proxy_set_header', 'proxy_pass']
 
@@ -29,9 +29,14 @@ def audit(self, directive):
             return
 
         for var in compile_script(value):
-            if not var.can_contain('\n') and not var.can_contain('\r'):
+            char = ''
+            if var.can_contain('\n'):
+                char = '\\n'
+            elif var.can_contain('\r'):
+                char = '\\r'
+            else:
                 continue
-            reason = 'At least variable "${var}" can contain "\\n"'.format(var=var.name)
+            reason = 'At least variable "${var}" can contain "{char}"'.format(var=var.name, char=char)
             self.add_issue(directive=[directive] + var.providers, reason=reason)