pub struct RangeSmuggleProbe {
pub variant: RangeSmuggleVariant,
pub header_lines: Vec<(String, String)>,
pub description: String,
pub canary: Canary,
}Expand description
A Range-header smuggle probe.
Fields§
§variant: RangeSmuggleVariant§header_lines: Vec<(String, String)>Header lines to attach. Most variants emit one (name, value) pair; the duplicate-header variant emits two.
description: String§canary: CanaryImplementations§
Source§impl RangeSmuggleProbe
impl RangeSmuggleProbe
Sourcepub fn empty_range_set() -> Self
pub fn empty_range_set() -> Self
Range: bytes= — empty range set.
Sourcepub fn reversed_first_last(first: u64, last: u64) -> Self
pub fn reversed_first_last(first: u64, last: u64) -> Self
Range: bytes={first}-{last} with first > last. Strict =
416. Lax = swapped.
Sourcepub fn overlapping_ranges() -> Self
pub fn overlapping_ranges() -> Self
Range: bytes=0-99,50-149 — overlapping spans.
Sourcepub fn over_large_last_position() -> Self
pub fn over_large_last_position() -> Self
Range: bytes=0-{LARGE} — over-large last position. The
position is drawn from SAFE_LARGE_LAST_POS per-call.
Sourcepub fn whitespace_inside_range() -> Self
pub fn whitespace_inside_range() -> Self
Range: bytes= 0 - 99 — whitespace sprinkled in the spec.
Specific whitespace insertion locations are randomised per
call so signature WAFs that pin “exactly one space after =”
don’t catch every probe.
Sourcepub fn suffix_length_as_negative_position(suffix_len: u64) -> Self
pub fn suffix_length_as_negative_position(suffix_len: u64) -> Self
Range: bytes=-1000 — suffix range. Some implementations
misread the leading - as a sign.
Sourcepub fn non_bytes_unit() -> Self
pub fn non_bytes_unit() -> Self
Range: <unit>=0-9 — non-bytes unit. Unit drawn from
NON_BYTES_UNITS per-call.
Sourcepub fn duplicate_header_first_wins_benign(smuggle_range: &str) -> Self
pub fn duplicate_header_first_wins_benign(smuggle_range: &str) -> Self
Two Range: header lines — first benign full-resource,
second the smuggled range.
Trait Implementations§
Source§impl Clone for RangeSmuggleProbe
impl Clone for RangeSmuggleProbe
Source§fn clone(&self) -> RangeSmuggleProbe
fn clone(&self) -> RangeSmuggleProbe
1.0.0 (const: unstable) · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source. Read moreSource§impl Debug for RangeSmuggleProbe
impl Debug for RangeSmuggleProbe
Source§impl SmuggleProbe for RangeSmuggleProbe
impl SmuggleProbe for RangeSmuggleProbe
Source§fn canary(&self) -> &Canary
fn canary(&self) -> &Canary
X-Probe-Id, etc.) so server-side responses can be
attributed to the specific variant that triggered them.Source§fn technique(&self) -> String
fn technique(&self) -> String
family.variant form. Used
in telemetry, JSON output, and reproducer logs. Example:
"cookie.duplicate-name-last-wins".