form action urls not followed?

[dkegel-fastly]

Describe the bug

Given the page http://localhost containing

<form action="/xss.php">
  <input type="text" id="xss" name="xss"><br>
  <input type="submit" value="Submit">
  </ul>
</form>

the command

dalfox url http://localhost

fetches from

http://localhost/?xss=DalFox

when it should fetch from

http://localhost/app.php?xss=DalFox

It seems ParameterAnalysis() is ignoring the url part of the form action? See

dalfox/pkg/scanning/parameterAnlaysis.go

Line 177 in c344c58

doc.Find("form").Each(func(i int, s *goquery.Selection) {

doc.Find("form").Each(func(i int, s *goquery.Selection) {
        action, _ := s.Attr("action")
        if strings.HasPrefix(action, "/") || strings.HasPrefix(action, "?") { // assuming this is a relative URL
                url, _ := url.Parse(action)
                query := url.Query()
                for aParam := range query { 
                        p, dp = setP(p, dp, aParam, options)
                        count = count + 1
                }                                  
        }       
})      

Environment

• Dalfox Version: c344c58
• Installed from: github clone

[dkegel-fastly]

Is the intent to delegate all crawling to some external tool like katana?