WhatWeb
WhatWeb copied to clipboard
urbanadventurer
Handling of duplicate HTTP headers
Wired.com reports the Via HTTP header twice. The Via plugin then reports twice, however correct behaviour would be to report it once.
https://www.wired.com/ [200 OK] Cookies[CN_xid,xid1], Country[UNITED STATES][US], Frame, HTML5, IP[151.101.193.63], Script[application/ld+json], Strict-Transport-Security[max-age=31536000; preload], UncommonHeaders[access-control-allow-origin,fastly-debug-state,fastly-debug-digest,content-security-policy,x-served-by,x-cache-hits,x-timer], Via-Proxy[1.1 varnish, 1.1 varnish]
lib/target.rb 197 @headers={}; res.each_header { |x, y| @headers[x]=y }
Thoughts?
Ideally, @headers should probably store an Array of values for the specified header key when duplicate headers are present, rather than a flattened String. Duplicates values should be removed.
Unfortunately, this will mean updating every plugin which makes use of @headers to expect an Array ...
Fortunately, this would mean there would no longer be any reason to monkey-patch Net::HTTP, right?
The monkey patching gives us the raw response in @raw_headers. We could use it to solve the duplicate problem. The @headers array that has duplicate headers joined with "," is default Ruby behaviour.