diff --git a/lib/wpscan/web_site.rb b/lib/wpscan/web_site.rb
index 97fc88dd..75780717 100644
--- a/lib/wpscan/web_site.rb
+++ b/lib/wpscan/web_site.rb
@@ -52,9 +52,9 @@ class WebSite
 @xmlrpc_url = nil
 unless headers.nil?
- value = headers['X-Pingback']
- unless value.nil? && value.empty?
- @xmlrpc_url = value
+ pingback_url = headers['X-Pingback']
+ unless pingback_url.nil? || pingback_url.empty?
+ @xmlrpc_url = pingback_url
 end
 end
 end
diff --git a/spec/lib/wpscan/web_site_spec.rb b/spec/lib/wpscan/web_site_spec.rb
index e4196e27..d3a31e0a 100644
--- a/spec/lib/wpscan/web_site_spec.rb
+++ b/spec/lib/wpscan/web_site_spec.rb
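Review bot: `pingback_url` is taken straight from the response's `X-Pingback` header, so the scanned server chooses the value, and the new guard only rejects nil and the empty string before storing it in `@xmlrpc_url`. If later code sends requests to `@xmlrpc_url` (not visible in this hunk), a hostile or misconfigured target could steer the scanner towards a host outside the scan scope. Inside the existing guard I would accept the value only when it looks like an http(s) URL, for example `@xmlrpc_url = pingback_url if pingback_url =~ %r{\Ahttps?://}i`, and ideally also compare its host with the scanned site's host. The enclosing method starts and ends outside the hunk.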
@@ -79,17 +79,43 @@ describe 'WebSite' do
 end
 describe '#xml_rpc_url' do
- it 'should return the correct url : http://example.localhost/xmlrpc.php' do
- xmlrpc = 'http://example.localhost/xmlrpc.php'
- stub_request(:get, web_site.url).
- to_return(status: 200, headers: { 'X-Pingback' => xmlrpc })
+ context 'when the x-pingback is' do
- web_site.xml_rpc_url.should === xmlrpc
- end
+ context 'correctly supplied' do
+ it 'returns the url in the header : http://example.localhost/xmlrpc.php' do
+ xmlrpc = 'http://example.localhost/xmlrpc.php'
+ stub_request(:get, web_site.url).
+ to_return(status: 200, headers: { 'X-Pingback' => xmlrpc })
+
+ web_site.xml_rpc_url.should === xmlrpc
+ end
+ end
+
+ context 'not supplied' do
+ it 'returns nil' do
+ stub_request(:get, web_site.url).to_return(status: 200)
+ web_site.xml_rpc_url.should be_nil
+ end
+
+ context 'but there is another header field' do
+ it 'returns nil' do
+ stub_request(:get, web_site.url).
+ to_return(status:200, headers: { 'another-field' => 'which we do not care' })
+
+ web_site.xml_rpc_url.should be_nil
+ end
+ end
+ end
+
+ context 'empty' do
+ it 'returns nil' do
+ stub_request(:get, web_site.url).
+ to_return(status: 200, headers: { 'X-Pingback' => '' })
+
+ web_site.xml_rpc_url.should be_nil
+ end
+ end
- it 'should return nil' do
- stub_request(:get, web_site.url).to_return(status: 200)
- web_site.xml_rpc_url.should be_nil
 end
 end
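Review bot: No example in the new `context 'when the x-pingback is'` block pins what `xml_rpc_url` returns when the header is present but unusable, such as a whitespace-only value or a string that is not an http(s) URL. Going by the `nil?`/`empty?` guard in web_site.rb, such a value would be returned as-is, unless the HTTP client normalises it first (not visible here). Because the scanned server sets this header, I would add a context such as `context 'not a URL'` that stubs `headers: { 'X-Pingback' => ' ' }` and states the expected result explicitly. Minor style point: `status:200` in the 'but there is another header field' example lacks the space used in the other stubs (`status: 200`).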