Skip to content

Fix: normalize literal \\r\\n escape sequences in HTTP content from MCP clients#58

Open
dhawanmayank wants to merge 1 commit intoPortSwigger:mainfrom
dhawanmayank:fix/normalize-http-line-endings
Open

Fix: normalize literal \\r\\n escape sequences in HTTP content from MCP clients#58
dhawanmayank wants to merge 1 commit intoPortSwigger:mainfrom
dhawanmayank:fix/normalize-http-line-endings

Conversation

@dhawanmayank
Copy link
Copy Markdown

@dhawanmayank dhawanmayank commented Mar 3, 2026

Problem

MCP clients (e.g. Claude Code) pass \r\n as literal 4-character text escape sequences (\, r, \, n) in JSON tool parameters, rather than actual CR (0x0D) + LF (0x0A) bytes.

The existing line-ending normalization in send_http1_request only handles actual CR/LF characters:

val fixedContent = content.replace("\r", "").replace("\n", "\r\n")

This doesn't match the literal \r\n text, producing malformed HTTP like:

POST /doLogin HTTP/1.1\r\nHost: example.com\r\n\r\nuid=admin

...which is a single garbled line instead of properly delimited HTTP.

Strict servers (e.g. Apache-Coyote/Tomcat) reject this with 400 Bad Request, while lenient servers (Cloudflare, nginx) may tolerate it — making the bug intermittent and hard to diagnose.

Additionally, create_repeater_tab and send_to_intruder had no line-ending normalization at all, causing the same issue when requests were sent to Repeater/Intruder tabs.

Verification

Confirmed by sending identical raw content via netcat:

Format Result
Proper CRLF (\x0D\x0A) 302 Found ✅
LF-only (\x0A) 302 Found ✅
Literal \r\n text 400 Bad Request

Fix

Added a normalizeHttpContent() helper that handles both literal escape sequences and actual line endings, converting everything to proper HTTP CRLF:

private fun normalizeHttpContent(content: String): String = content
    .replace("\\r\\n", "\n")   // Literal \r\n escape sequences → LF
    .replace("\\n", "\n")      // Remaining literal \n → LF
    .replace("\\r", "")        // Remaining literal \r → remove
    .replace("\r", "")          // Actual CR → remove
    .replace("\n", "\r\n")      // All LF → proper CRLF

Applied to all three affected tools:

  • send_http1_request — replaces the existing incomplete normalization
  • create_repeater_tab — previously had no normalization
  • send_to_intruder — previously had no normalization

Testing

  • All existing tests pass (./gradlew build succeeds)
  • Manually verified against Apache-Coyote server (demo.testfire.net) — requests now return proper responses instead of 400

Relates to #51

@dhawanmayank
fix: normalize literal \r\n escape sequences in HTTP content from MCP…
ee6594a 
… clients

MCP clients pass \r\n as literal 4-character text sequences in tool
parameters rather than actual CR+LF bytes. The existing normalization
in send_http1_request only handled actual CR/LF characters, causing
malformed HTTP requests that strict servers (e.g. Apache-Coyote) reject
with 400 Bad Request.

This commit:
- Adds normalizeHttpContent() helper that handles both literal escape
  sequences and actual line endings
- Applies normalization to send_http1_request (replacing the existing
  incomplete fix)
- Applies normalization to create_repeater_tab (previously had no
  normalization at all)
- Applies normalization to send_to_intruder (previously had no
  normalization at all)

Relates to PortSwigger#51
@dhawanmayank
Copy link
Copy Markdown
Author

dhawanmayank commented Mar 3, 2026

@danielgallen This should fix the issues: #51
Can you review?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dhawanmayank