You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
With the new version of arachni, that uses Chrome browser instead of decommissioned PhantomJS, I have noticed that the crawler sends Authorization: Negotiate header regardless of --http-authentication-type parameter (I have tried all of them) in every request the moment I start it. This breaks my entire scan, because the application already expects Authorization: Bearer JWT header, and fails receiving request with 2 identical name headers.
Is there any way to instruct arachni not to send that Authorization: Negotiate header at all?
The text was updated successfully, but these errors were encountered:
With the new version of arachni, that uses Chrome browser instead of decommissioned PhantomJS, I have noticed that the crawler sends Authorization: Negotiate header regardless of
--http-authentication-type
parameter (I have tried all of them) in every request the moment I start it. This breaks my entire scan, because the application already expects Authorization: Bearer JWT header, and fails receiving request with 2 identical name headers.Is there any way to instruct arachni not to send that Authorization: Negotiate header at all?
The text was updated successfully, but these errors were encountered: