[Bug] Codeinject的host部分由于pom.xml更新了tomcat 版本导致打不通

对于接口`/codeinject/host`，预期是通过修改`host`命令注入。

pom.xml中由于此Commit `https://github.com/JoyChou93/java-sec-code/commit/621c30050f82379afe1e2e6d4ff66c1234f33913`，本地启动项目的话tomcat是`8.5.85` 的版本。这个版本的tomcat会对`host`的格式做检验，对于例如`host: localhost;cat /flag`的`host`值，会认为`;` `/`这些字符不符合，从而导致打不通。

8.5.85
![image](https://github.com/JoyChou93/java-sec-code/assets/72065582/5d4b8a5c-7c34-4064-b784-0c12d7fff553)
![image](https://github.com/JoyChou93/java-sec-code/assets/72065582/ebb660a8-b119-45ff-b77a-6a7d83a7185b)
![image](https://github.com/JoyChou93/java-sec-code/assets/72065582/d9fedee5-00f0-4fe3-ba94-7c98a1e550a3)


tomcat是8.5.11的话，可以正常打通。
![image](https://github.com/JoyChou93/java-sec-code/assets/72065582/d0d27e5b-f22f-4e60-b283-d65c421438fe)
![image](https://github.com/JoyChou93/java-sec-code/assets/72065582/9d59e755-b14f-4988-b8c4-9e1303f36155)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Bug] Codeinject的host部分由于pom.xml更新了tomcat 版本导致打不通 #78

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

[Bug] Codeinject的host部分由于pom.xml更新了tomcat 版本导致打不通 #78

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions