From 8b6bd2f717d7fd58c720b44d9a5f9dc0b3678b98 Mon Sep 17 00:00:00 2001
From: Pxmme <b4kab4ka@gmail.com>
Date: Sun, 24 May 2020 14:22:35 +0200
Subject: [PATCH] Update crlf-injection.yaml

---
 vulnerabilities/crlf-injection.yaml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/vulnerabilities/crlf-injection.yaml b/vulnerabilities/crlf-injection.yaml
index 2f327b4629..1f4f1c005b 100644
--- a/vulnerabilities/crlf-injection.yaml
+++ b/vulnerabilities/crlf-injection.yaml
@@ -11,6 +11,7 @@ requests:
       - "{{BaseURL}}/%0D%0ASet-Cookie:crlfinjection=crlfinjection"
       - "{{BaseURL}}/%E5%98%8D%E5%98%8ASet-Cookie:crlfinjection=crlfinjection" #unicode bypass
     matchers:
-      - type: dsl
-        dsl:
-        - 'contains(set_cookie,"crlfinjection")'
+      - type: regex
+        regex:
+        - "(^Set-Cookie:|;(| ))( |)crlfinjection=crlfinjection($|;)"
+        part: header