Fixes a few issues with redirects

First, this prevents a DNS lookup from happening when we encounter a redirect, *even if we don't intend to follow it*. This likely addresses some part of zmap#452 Second, if we aren't following redirects, don't have the scan fail in an 'application-error'. We are succeeding in what we intended to do, which is to scan without following redirects
Seanstoppable · Aug 19, 2024 · babad09 · babad09
1 parent 6cdc779
commit babad09
Showing 1 changed file with 6 additions and 4 deletions.
diff --git a/modules/http/scanner.go b/modules/http/scanner.go
@@ -388,6 +388,12 @@ func redirectsToLocalhost(host string) bool {
 // the redirectToLocalhost and MaxRedirects config
 func (scan *scan) getCheckRedirect() func(*http.Request, *http.Response, []*http.Request) error {
 	return func(req *http.Request, res *http.Response, via []*http.Request) error {
+		if scan.scanner.config.MaxRedirects == 0 {
+			return nil
+		}
+		if len(via) > scan.scanner.config.MaxRedirects {
+			return ErrTooManyRedirects
+		}
 		if !scan.scanner.config.FollowLocalhostRedirects && redirectsToLocalhost(req.URL.Hostname()) {
 			return ErrRedirLocalhost
 		}
@@ -413,10 +419,6 @@ func (scan *scan) getCheckRedirect() func(*http.Request, *http.Response, []*http
 			}
 		}
 
-		if len(via) > scan.scanner.config.MaxRedirects {
-			return ErrTooManyRedirects
-		}
-
 		return nil
 	}
 }