| skipped 783 lines |
| 784 | 784 | | _temp = value |
| 785 | 785 | | if decode_first: |
| 786 | 786 | | value = urldecode(value) |
| | 787 | + | if conf.safe_chars: |
| | 788 | + | safe = f"{safe}{conf.safe_chars}" |
| 787 | 789 | | if ( |
| 788 | 790 | | injection_type |
| 789 | 791 | | and injection_type not in ["HEADER", "COOKIE"] |
| skipped 323 lines |
| 1113 | 1115 | | if conf.backend == "Microsoft SQL Server" and injection_type == "POST" |
| 1114 | 1116 | | else "/=*?&:;,+" |
| 1115 | 1117 | | ) |
| 1116 | | - | if conf.safe_chars: |
| 1117 | | - | safe = f"{conf.safe_chars}{safe}" |
| 1118 | 1118 | | if not is_json and not key == "#1*": |
| 1119 | 1119 | | text = urlencode( |
| 1120 | 1120 | | value=text, |
| skipped 949 lines |
