Removed global request URI.encode. Added URI.encode on wp

lib/browser.rb

@@ -141,7 +141,7 @@ class Browser
 
   def forge_request(url, params = {})
     Typhoeus::Request.new(
-        URI.encode(url.to_s),
+        url.to_s,
         merge_request_params(params)
     )
   end

lib/wpscan/wp_item.rb

@@ -62,12 +62,12 @@ class WpItem < Vulnerable
     path = @path.sub(/^\//, "")
     if type =="plugins"
       # plugins can be outside of wp-content. wp_content_dir included in wp_plugins_dir
-      ret = URI.parse("#{url}#@wp_plugins_dir/#{path}")
+      ret = URI.parse(URI.encode("#{url}#@wp_plugins_dir/#{path}"))
     elsif type == "timthumbs"
       # timthumbs have folder in path variable
-      ret = URI.parse("#{url}#{wp_content_dir}/#{path}")
+      ret = URI.parse(URI.encode("#{url}#{wp_content_dir}/#{path}"))
     else
-      ret = URI.parse("#{url}#{wp_content_dir}/#{get_sub_folder}/#{path}")
+      ret = URI.parse(URI.encode("#{url}#{wp_content_dir}/#{get_sub_folder}/#{path}"))
     end
     ret
   end
@@ -79,7 +79,7 @@ class WpItem < Vulnerable
     unless valid_location_url
       valid_location_url = add_trailing_slash(location_url)
     end
-    URI.parse(valid_location_url)
+    URI.parse(URI.encode(valid_location_url))
   end
 
   # Returns version number from readme.txt if it exists

lib/wpstools/parse_svn.rb

@@ -59,7 +59,7 @@ class Svn_Parser
     # First get all trunk or version directories
     dirs.each do |dir|
       svnurl = @svn_root + dir + "/"
-      request = @svn_browser.forge_request(svnurl)
+      request = @svn_browser.forge_request(URI.encode(svnurl))
       request.on_complete do |response|
         # trunk folder present
         if contains_trunk(response)
@@ -97,7 +97,7 @@ class Svn_Parser
     queue_count = 0
     dirs.each do |dir|
       url = @svn_root + dir[:name] + "/" + dir[:folder] + "/"
-      request = @svn_browser.forge_request(url)
+      request = @svn_browser.forge_request(URI.encode(url))
       request.on_complete do |response|
         puts "[+] Parsing url #{url} [#{response.code.to_s}]" if @verbose
         file = response.body[%r{<li><a href="(.+\.[^/]+)">.+</a></li>}i, 1]

spec/lib/wpscan/modules/wp_config_backup_spec.rb

@@ -31,7 +31,7 @@ shared_examples_for "WpConfigBackup" do
     # set all @config_backup_files to point to a 404
     before :each do
       @config_backup_files.each do |backup_file|
-        file_url = @module.uri.merge(URI.escape(backup_file)).to_s
+        file_url = @module.uri.merge(URI.encode(backup_file)).to_s
 
         stub_request(:get, file_url).
             to_return(:status => 404, :body => "")
@@ -46,7 +46,7 @@ shared_examples_for "WpConfigBackup" do
       expected = []
 
       @config_backup_files.sample(1).each do |backup_file|
-        file_url = @module.uri.merge(URI.escape(backup_file)).to_s
+        file_url = @module.uri.merge(backup_file).to_s
         expected << file_url
 
         stub_request(:get, file_url).
@@ -63,7 +63,7 @@ shared_examples_for "WpConfigBackup" do
       expected = []
 
       @config_backup_files.sample(2).each do |backup_file|
-        file_url = @module.uri.merge(URI.escape(backup_file)).to_s
+        file_url = @module.uri.merge(backup_file).to_s
         expected << file_url
 
         stub_request(:get, file_url).