From 7d194e2965fc9ce428c1c95ab3961a9511c302d9 Mon Sep 17 00:00:00 2001
From: mzack
Date: Wed, 22 Jun 2022 15:07:16 +0200
Subject: [PATCH] Adding stricter check on offline templates list
---
 v2/pkg/templates/compile.go | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/v2/pkg/templates/compile.go b/v2/pkg/templates/compile.go
index ea5c05b11c..a6dcae500c 100644
--- a/v2/pkg/templates/compile.go
+++ b/v2/pkg/templates/compile.go
@@ -3,7 +3,6 @@ package templates
 import (
 "fmt"
 "reflect"
- "strings"
 "github.com/pkg/errors"
 "gopkg.in/yaml.v2"
@@ -14,6 +13,7 @@ import (
 "github.com/projectdiscovery/nuclei/v2/pkg/protocols/offlinehttp"
 "github.com/projectdiscovery/nuclei/v2/pkg/templates/cache"
 "github.com/projectdiscovery/nuclei/v2/pkg/utils"
+ "github.com/projectdiscovery/stringsutil"
 )
 var (
@@ -203,8 +203,13 @@ func (template *Template) compileOfflineHTTPRequest(options protocols.ExecuterOp
 mainLoop:
 for _, req := range template.RequestsHTTP {
+ hasPaths := len(req.Path) > 0
+ if !hasPaths {
+ break mainLoop
+ }
 for _, path := range req.Path {
- if !(strings.EqualFold(path, "{{BaseURL}}") || strings.EqualFold(path, "{{BaseURL}}/")) {
+ pathIsBaseURL := stringsutil.EqualFoldAny(path, "{{BaseURL}}", "{{BaseURL}}/", "/")
+ if !pathIsBaseURL {
 break mainLoop
 }
 }
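Review bot: Both guards in the `mainLoop` body leave via `break mainLoop`, which only stops iterating at the first request that fails the check; nothing in the hunk shows the template itself being rejected. The code after the loop is outside this hunk, so if it acts on requests accepted in earlier iterations, a template that mixes a `{{BaseURL}}` request with an empty-path or other-path request could still be partly compiled for offline matching and produce matches the author never intended for passive use. If the stricter check is meant to be all-or-nothing, confirm that against the rest of `compileOfflineHTTPRequest` and state the rule in a comment above the new guard, e.g. `// requests without any path are not eligible for offline matching`. As a style point, the `hasPaths` temporary can be folded into `if len(req.Path) == 0 {`, and a short comment on the `EqualFoldAny` call should say why a bare `/` is now treated as equivalent to `{{BaseURL}}`.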