diff --git a/nselib/data/http-default-accounts-fingerprints.lua b/nselib/data/http-default-accounts-fingerprints.lua
index d58ffeb6a..787366c7b 100644
--- a/nselib/data/http-default-accounts-fingerprints.lua
+++ b/nselib/data/http-default-accounts-fingerprints.lua
@@ -23,7 +23,7 @@
---
local function try_http_basic_login(host, port, path, user, pass)
local credentials = {username = user, password = pass}
- local req = http.get(host, port, path, {no_cache=true, auth=credentials})
+ local req = http.get(host, port, path, {no_cache=true, auth=credentials, redirect_ok = false})
if req.status ~= 401 and req.status ~= 403 then
return true
end
@@ -46,7 +46,7 @@ local function try_http_post_login(host, port, path, target, failstr, params, fo
local status = ( req and tonumber(req.status) ) or 0
if follow_redirects and ( status > 300 and status < 400 ) then
- req = http.get(host, port, url.absolute(path, req.header.location), { no_cache = true})
+ req = http.get(host, port, url.absolute(path, req.header.location), { no_cache = true, redirect_ok = false })
end
if not(http.response_contains(req, failstr)) then
return true
diff --git a/nselib/http.lua b/nselib/http.lua
index b0e9ebd22..87bd5c10e 100644
--- a/nselib/http.lua
+++ b/nselib/http.lua
@@ -1316,7 +1316,7 @@ local function parse_redirect(host, port, path, response)
not(response.header.location) ) then
return nil
end
-
+ port = ( "number" == type(port) ) and { number = port } or port
local u = url.parse(response.header.location)
if ( not(u.host) and not(u.scheme) ) then
-- we're dealing with a relative url
diff --git a/nselib/httpspider.lua b/nselib/httpspider.lua
index 916f71dcc..6c175e57a 100644
--- a/nselib/httpspider.lua
+++ b/nselib/httpspider.lua
@@ -482,6 +482,7 @@ Crawler = {
-- withindomain - stay within the base_url domain
-- scriptname - should be set to SCRIPT_NAME to enable
-- script specific arguments.
+ -- redirect_ok - redirect_ok closure to pass to http.get function
-- @return o new instance of Crawler or nil on failure
new = function(self, host, port, url, options)
local o = {
@@ -498,7 +499,7 @@ Crawler = {
o:loadLibraryArguments()
o:loadDefaultArguments()
- local response = http.get(o.host, o.port, '/', { timeout = o.options.timeout } )
+ local response = http.get(o.host, o.port, '/', { timeout = o.options.timeout, redirect_ok = o.options.redirect_ok } )
if ( not(response) or 'table' ~= type(response) ) then
return
@@ -629,7 +630,7 @@ Crawler = {
end
-- fetch the url, and then push it to the processed table
- local response = http.get(url:getHost(), url:getPort(), url:getFile(), { timeout = self.options.timeout } )
+ local response = http.get(url:getHost(), url:getPort(), url:getFile(), { timeout = self.options.timeout, redirect_ok = self.options.redirect_ok } )
self.processed[tostring(url)] = true
if ( response ) then
diff --git a/scripts/http-open-redirect.nse b/scripts/http-open-redirect.nse
index e43272619..ae602aa8c 100644
--- a/scripts/http-open-redirect.nse
+++ b/scripts/http-open-redirect.nse
@@ -82,7 +82,7 @@ end
action = function(host, port)
- local crawler = httpspider.Crawler:new(host, port, '/', { scriptname = SCRIPT_NAME } )
+ local crawler = httpspider.Crawler:new(host, port, '/', { scriptname = SCRIPT_NAME, redirect_ok = false } )
crawler:set_timeout(10000)
local results = {}
diff --git a/scripts/http-vhosts.nse b/scripts/http-vhosts.nse
index 76f731b85..137efd77e 100644
--- a/scripts/http-vhosts.nse
+++ b/scripts/http-vhosts.nse
@@ -541,7 +541,7 @@ action = function(host, port)
if targetname ~= nil then
- http_response = http.head(host, port, path, {header={Host=targetname}, bypass_cache=true})
+ http_response = http.head(host, port, path, {header={Host=targetname}, bypass_cache=true, redirect_ok = false})
if not http_response.status then
if not http_response["ERROR"] then