Skip to content

Instantly share code, notes, and snippets.

@shouc
Created April 12, 2020 00:43
Show Gist options
  • Select an option

  • Save shouc/a9330df817128bc4c4132abf3de09495 to your computer and use it in GitHub Desktop.

Select an option

Save shouc/a9330df817128bc4c4132abf3de09495 to your computer and use it in GitHub Desktop.
#include "cpp-httplib/httplib.h"
using namespace httplib;
int main() {
Server svr;
svr.Get("/1", [](const Request& req, Response& res) {
res.set_redirect("1\r\nSet-Cookie: a=1");
});
svr.Get("/2", [](const Request& req, Response& res) {
res.set_header("a", "1\r\nSet-Cookie: a=1");
});
svr.listen("localhost", 3000);
}
@yhirose

yhirose commented Apr 14, 2020

Copy link
Copy Markdown

@shouc, thanks for the report. I have fixed it with the latest v0.5.9. Could you report the fix to the place to which you have submitted this issue as a vulnerability? Thanks a lot!

@shouc

shouc commented Apr 14, 2020

Copy link
Copy Markdown
Author

You don't need to. It assumes this is fixed in a version > v0.5.8. Thanks.

@yhirose

yhirose commented Apr 14, 2020

Copy link
Copy Markdown

OK. Thanks for the info.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment