RYDE-WORK/CORStest
1
0
Fork 0
mirror of https://github.com/RYDE-WORK/CORStest.git synced 2026-01-28 17:53:14 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Minor fix to prevent false positives

Browse Source
This commit is contained in:
jensvoid 2017-10-01 13:35:48 +02:00
parent 8b99cca1e4
commit b203683955
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
corstest.py
View File

@ -81,7 +81,7 @@ def cors(url, origin, ssltest=False, firstrun=False):
if acac and acao != '*' and not args.q: alert(url, "Access-Control-Allow-Credentials present") if acac and acao != '*' and not args.q: alert(url, "Access-Control-Allow-Credentials present")
if vary and not args.q: warning(url, "Access-Control-Allow-Origin dynamically generated") if vary and not args.q: warning(url, "Access-Control-Allow-Origin dynamically generated")
if ssltest and response.info().getheader('Strict-Transport-Security'): acao = "" if ssltest and response.info().getheader('Strict-Transport-Security'): acao = ""
return acao or "" return (acao or "") if acac else ""
except Exception as e: except Exception as e:
if not args.q: error(url, e.message or str(e).splitlines()[-1]) if not args.q: error(url, e.message or str(e).splitlines()[-1])
if not firstrun: return "" if not firstrun: return ""