httpx icon indicating copy to clipboard operation
httpx copied to clipboard
verified publisher icon projectdiscovery

httpx giving false positive results

Open aravindb26 opened this issue 1 year ago • 9 comments

httpx version:

httpx (v1.3.9)

Current Behavior:

When utilizing the following command to retrieve status codes:

httpx -u https://twitter.com/nanicyb -sc

The tool occasionally outputs both 200 and 400 status codes upon multiple executions.

Expected Behavior:

It is suggested that the tool should consistently display the exact status code for a given URL, providing unambiguous information. For instance, executing the command should ideally result in a clear output such as https://twitter.com/nanicyb is 200.

Steps To Reproduce:

Anything else:

The current behavior may lead to confusion for users relying on httpx as a trustworthy tool for status code information. Updating the tool to consistently provide precise results would enhance its usability and save users' time.

I appreciate your attention to this matter and look forward to any improvements that can be made in future releases.

Thank you for your time and dedication to maintaining the httpx tool. httpx

aravindb26 avatar Jan 27 '24 06:01 aravindb26

To temporarily fix the issue of the target blocking a randomly assigned user agent, you can use the -random-agent false option -this might not work every time. We are working to replace the current library with https://github.com/projectdiscovery/useragent soon to prevent such issues from happening in the future.

dogancanbakir avatar Jan 30 '24 10:01 dogancanbakir

depends on https://github.com/projectdiscovery/useragent/pull/108

dogancanbakir avatar Jan 30 '24 10:01 dogancanbakir

To temporarily fix the issue of the target blocking a randomly assigned user agent, you can use the -random-agent false option -this might not work every time. We are working to replace the current library with https://github.com/projectdiscovery/useragent soon to prevent such issues from happening in the future.

I used the flag -random-agent false but that too has same issue.

aravindb26 avatar Jan 30 '24 11:01 aravindb26

How could i solve the issue and get exact status code ? I mean it's difficult to check thousands of urls manually

aravindb26 avatar Jan 30 '24 11:01 aravindb26

As previously mentioned, we will resolve this problem once we merge https://github.com/projectdiscovery/useragent/pull/108. We appreciate your patience as we work on resolving the issue.

dogancanbakir avatar Jan 30 '24 11:01 dogancanbakir

As previously mentioned, we will resolve this problem once we merge projectdiscovery/useragent#108. We appreciate your patience as we work on resolving the issue.

Ok sir that's fine :) Hoping to resolved it soon. So does it comes under a bug category, I mean will it be accepted if we submit at H1 ?

aravindb26 avatar Jan 30 '24 11:01 aravindb26

Regarding your question, the problem you mentioned does not fall under the category of a security issue/bug, so there wouldn't be any need to submit it at H1. But, thank you for opening this issue!

dogancanbakir avatar Jan 30 '24 13:01 dogancanbakir

Hi team,

I think still issue was not fixed httpx_

aravindb26 avatar Feb 03 '24 06:02 aravindb26

@aravindb26, This fix will be in the next release -you're still using the previous version.

dogancanbakir avatar Feb 05 '24 08:02 dogancanbakir