id: crlf-injection

info:
  name: CRLF injection
  author: nadino
  severity: low

requests:
  - method: GET
    path:
      - "{{BaseURL}}/%0D%0ASet-Cookie:crlfinjection=crlfinjection"
      - "{{BaseURL}}/%E5%98%8D%E5%98%8ASet-Cookie:crlfinjection=crlfinjection" #unicode bypass
    matchers:
      - type: regex
        regex:
        - "(^Set-Cookie:|;(| ))( |)crlfinjection=crlfinjection($|;)"
        part: header