Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve File Search for Misconfigured Servers #313

adamcaudill opened this issue Dec 21, 2019 · 0 comments

Improve File Search for Misconfigured Servers #313

adamcaudill opened this issue Dec 21, 2019 · 0 comments


Copy link

adamcaudill commented Dec 21, 2019

Currently, we skip many checks if the server doesn't respond to file not found errors with a 404 - this change adds quite a bit of additional logic to deal with these servers, so that we can still perform this checking in a reasonable way. It'll be a bit slower, but should work properly (though in the case of servers that return 200 for everything, there could be false positives).

This also changes the file search behavior to send a HEAD request first (for well configured servers), and then a GET if we get a 200; this eliminates a lot of 404 responses from being stored as evidence - which is a waste, and will improve performance for sites that return a large 404 response.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet

No branches or pull requests

1 participant