Prevent cross-domain redirection on subsequent requests, add option to disable redirects on all requests

main
Elbert Alias 3 years ago
parent 3def9cf856
commit 1097edde54

@ -35,6 +35,7 @@ wappalyzer <url> [options]
-r, --recursive Follow links on pages (crawler) -r, --recursive Follow links on pages (crawler)
-a, --user-agent=... Set the user agent string -a, --user-agent=... Set the user agent string
-n, --no-scripts Disabled JavaScript on web pages -n, --no-scripts Disabled JavaScript on web pages
-N, --no-redirect Disable cross-domain redirects
``` ```
@ -66,6 +67,7 @@ const options = {
htmlMaxCols: 2000, htmlMaxCols: 2000,
htmlMaxRows: 2000, htmlMaxRows: 2000,
noScripts: false, noScripts: false,
noRedirect: false,
}; };
const wappalyzer = new Wappalyzer(options) const wappalyzer = new Wappalyzer(options)

@ -22,6 +22,7 @@ const aliases = {
r: 'recursive', r: 'recursive',
w: 'maxWait', w: 'maxWait',
n: 'noScripts', n: 'noScripts',
N: 'noRedirect',
} }
while (true) { while (true) {
@ -75,6 +76,7 @@ Options:
-r, --recursive Follow links on pages (crawler) -r, --recursive Follow links on pages (crawler)
-a, --user-agent=... Set the user agent string -a, --user-agent=... Set the user agent string
-n, --no-scripts Disabled JavaScript on web pages -n, --no-scripts Disabled JavaScript on web pages
-N, --no-redirect Disable cross-domain redirects
`) `)
process.exit(1) process.exit(1)

@ -610,11 +610,24 @@ class Site {
] ]
}) })
// Prevent cross-domain redirects
if (response.status() >= 300 && response.status() < 400) { if (response.status() >= 300 && response.status() < 400) {
if (headers.location) { if (headers.location) {
url = new URL(headers.location.slice(-1), url) const _url = new URL(headers.location.slice(-1), url)
if (
_url.hostname.replace(/^www\./, '') ===
this.originalUrl.hostname.replace(/^www\./, '') ||
(Object.keys(this.analyzedUrls).length === 1 &&
!this.options.noRedirect)
) {
url = _url
return
} }
} else { }
}
responseReceived = true responseReceived = true
const certIssuer = response.securityDetails() const certIssuer = response.securityDetails()
@ -625,7 +638,6 @@ class Site {
await this.emit('response', { page, response, headers, certIssuer }) await this.emit('response', { page, response, headers, certIssuer })
} }
}
} catch (error) { } catch (error) {
this.error(error) this.error(error)
} }
@ -983,7 +995,7 @@ class Site {
]) ])
} catch (error) { } catch (error) {
this.analyzedUrls[url.href] = { this.analyzedUrls[url.href] = {
status: 0, status: this.analyzedUrls[url.href]?.status || 0,
error: error.message || error.toString(), error: error.message || error.toString(),
} }

Loading…
Cancel
Save