WhatWeb icon indicating copy to clipboard operation
WhatWeb copied to clipboard
verified publisher icon urbanadventurer

Handling of duplicate HTTP headers

Open urbanadventurer opened this issue 8 years ago • 4 comments

Wired.com reports the Via HTTP header twice. The Via plugin then reports twice, however correct behaviour would be to report it once.

https://www.wired.com/ [200 OK] Cookies[CN_xid,xid1], Country[UNITED STATES][US], Frame, HTML5, IP[151.101.193.63], Script[application/ld+json], Strict-Transport-Security[max-age=31536000; preload], UncommonHeaders[access-control-allow-origin,fastly-debug-state,fastly-debug-digest,content-security-policy,x-served-by,x-cache-hits,x-timer], Via-Proxy[1.1 varnish, 1.1 varnish]

image

urbanadventurer avatar Dec 01 '17 00:12 urbanadventurer

lib/target.rb 197 @headers={}; res.each_header { |x, y| @headers[x]=y }

image

Thoughts?

urbanadventurer avatar Dec 01 '17 00:12 urbanadventurer

Ideally, @headers should probably store an Array of values for the specified header key when duplicate headers are present, rather than a flattened String. Duplicates values should be removed.

Unfortunately, this will mean updating every plugin which makes use of @headers to expect an Array ...

bcoles avatar Dec 01 '17 06:12 bcoles

Fortunately, this would mean there would no longer be any reason to monkey-patch Net::HTTP, right?

bcoles avatar Dec 01 '17 07:12 bcoles

The monkey patching gives us the raw response in @raw_headers. We could use it to solve the duplicate problem. The @headers array that has duplicate headers joined with "," is default Ruby behaviour.

urbanadventurer avatar Dec 01 '17 10:12 urbanadventurer