From 899e80bee27a408a85bd697eec45b84287009dc6 Mon Sep 17 00:00:00 2001
From: Madalin Ilie
Date: Thu, 26 Nov 2020 21:12:04 +0200
Subject: [PATCH] Fix #4 by adding boundary=cats for multipart headers
---
 .../headers/BaseSecurityChecksHeadersFuzzer.java | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/main/java/com/endava/cats/fuzzer/headers/BaseSecurityChecksHeadersFuzzer.java b/src/main/java/com/endava/cats/fuzzer/headers/BaseSecurityChecksHeadersFuzzer.java
index a7aefbe91..fbc0a8fc2 100644
--- a/src/main/java/com/endava/cats/fuzzer/headers/BaseSecurityChecksHeadersFuzzer.java
+++ b/src/main/java/com/endava/cats/fuzzer/headers/BaseSecurityChecksHeadersFuzzer.java
@@ -40,10 +40,10 @@ public abstract class BaseSecurityChecksHeadersFuzzer implements Fuzzer {
 "image/x-icon",
 "image/vnd.djvu",
 "image/svg+xml",
- "multipart/mixed",
- "multipart/alternative",
- "multipart/related",
- "multipart/form-data",
+ "multipart/mixed; boundary=cats",
+ "multipart/alternative; boundary=cats",
+ "multipart/related; boundary=cats",
+ "multipart/form-data; boundary=cats",
 "text/css",
 "text/csv",
 "text/html",
@@ -63,7 +63,7 @@ protected static List> filterHeaders(FuzzingData data, String he
 List> setOfSets = new ArrayList<>();
 for (String currentHeader : UNSUPPORTED_MEDIA_TYPES) {
- if (!contentTypes.contains(currentHeader)) {
+ if (contentTypes.stream().noneMatch(currentHeader::startsWith)) {
 Set clonedHeaders = Cloner.cloneMe(data.getHeaders());
 clonedHeaders.add(CatsHeader.builder().name(headerName).value(currentHeader).build());
 setOfSets.add(clonedHeaders);
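Review bot: The new `noneMatch(currentHeader::startsWith)` test in the second hunk is a raw string-prefix match, so whether a candidate is sent depends on how the declared content type is spelled rather than on the media type itself. A declared value that carries its own parameter (for example a different `boundary`) or differs in case no longer matches, so the fuzzer would send a supported type as if it were unsupported and could report a false finding. In the other direction, an empty entry or a shorter declared type that happens to prefix another (hypothetically `text/x` against `text/xml`) silently drops the check. Comparing only the part before `;`, case-insensitively, avoids both: `String mediaType = currentHeader.split(";")[0].trim();` followed by `if (contentTypes.stream().noneMatch(ct -> ct.split(";")[0].trim().equalsIgnoreCase(mediaType))) {`. The body of filterHeaders starts and ends outside this hunk, so how `contentTypes` is populated is not visible here.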