Provides a common function, url.get_default_port(), for obtaining

the default port number for a given scheme. Fixes #781

scripts/http-backup-finder.nse

@@ -122,13 +122,8 @@ action = function(host, port)
     if ( parsed.path:match(".*%.*.$") ) then
       -- iterate over possible backup files
       for link in backupNames(parsed.path) do
-        local host, port = parsed.host, parsed.port
-
-        -- if no port was found, try to deduce it from the scheme
-        if ( not(port) ) then
-          port = (parsed.scheme == 'https') and 443
-          port = port or ((parsed.scheme == 'http') and 80)
-        end
+        local host = parsed.host
+        local port = parsed.port or url.get_default_port(parsed.scheme)
 
         -- the url.escape doesn't work here as it encodes / to %2F
         -- which results in 400 bad request, so we simple do a space

scripts/http-favicon.nse

@@ -128,21 +128,17 @@ end
 -- host, port, and path if the URL is relative. Return nil if the scheme is not
 -- "http" or "https".
 function parse_url_relative(u, host, port, path)
-  local defaultport, scheme, abspath
+  local scheme, abspath
   u = url.parse(u)
   scheme = u.scheme or "http"
-  if scheme == "http" then
-    defaultport = 80
-  elseif scheme == "https" then
-    defaultport = 443
-  else
+  if not (scheme == "http" or scheme == "https") then
     return nil
   end
   abspath = u.path or ""
   if not string.find(abspath, "^/") then
     abspath = dirname(path) .. "/" .. abspath
   end
-  return u.host or host, u.port or defaultport, abspath
+  return u.host or host, u.port or url.get_default_port(scheme), abspath
 end
 
 function parseIcon( body )

scripts/http-open-redirect.nse

@@ -59,13 +59,7 @@ local function dbgt(tbl)
 end
 
 local function getHostPort(parsed)
-  local host, port = parsed.host, parsed.port
-  -- if no port was found, try to deduce it from the scheme
-  if ( not(port) ) then
-    port = (parsed.scheme == 'https') and 443
-    port = port or ((parsed.scheme == 'http') and 80)
-  end
-  return host, port
+  return parsed.host, parsed.port or url.get_default_port(parsed.scheme)
 end
 
 local function isRedirect(status)

scripts/http-phpself-xss.nse

@@ -147,12 +147,8 @@ PHP files are not handling safely the variable $_SERVER["PHP_SELF"] causing Refl
 
     --Only work with .php files
     if ( parsed.path and parsed.path:match(".*.php") ) then
-        --The following port/scheme code was seen in http-backup-finder and its neat =)
-        local host, port = parsed.host, parsed.port
-        if ( not(port) ) then
-          port = (parsed.scheme == 'https') and 443
-          port = port or ((parsed.scheme == 'http') and 80)
-        end
+        local host = parsed.host
+        local port = parsed.port or url.get_default_port(parsed.scheme)
         local escaped_link = parsed.path:gsub(" ", "%%20")
         if launch_probe(host,port,escaped_link) then
           table.insert(vulnpages, parsed.scheme..'://'..host..escaped_link..PHP_SELF_PROBE)

scripts/http-unsafe-output-escaping.nse

@@ -49,14 +49,9 @@ portrule = shortport.http
 local dbg = stdnse.debug2
 
 local function getHostPort(parsed)
-  local host, port = parsed.host, parsed.port
-  -- if no port was found, try to deduce it from the scheme
-  if ( not(port) ) then
-    port = (parsed.scheme == 'https') and 443
-    port = port or ((parsed.scheme == 'http') and 80)
-  end
-  return host, port
+  return parsed.host, parsed.port or url.get_default_port(parsed.scheme)
 end
+
 local function getReflected(parsed, r)
   local reflected_values,not_reflected_values = {},{}
   local count = 0