mirrors/netsurf
1
0
Fork 0
mirror of https://github.com/netsurf-browser/netsurf synced 2024-11-21 22:11:22 +03:00
Code Issues Packages Projects Releases Wiki Activity

HSTS: propagate enabled state for HTTPS URLs, too

Browse Source 
While we have no need to transform the URL in the HTTPS case, the
HSTS policy should still result in a hard failure when something
is untoward (i.e. not providing the user with a way to proceed).
Ensure this is so.
This commit is contained in:
John-Mark Bell 2024-01-20 18:10:51 +00:00
parent daa0fb5dc7
commit 283f73dcaa
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
content/llcache.c
View File

@ -2207,10 +2207,17 @@ static nserror llcache_hsts_transform_url(nsurl *url, nsurl **result,
scheme = nsurl_get_component(url, NSURL_SCHEME);
if (lwc_string_caseless_isequal(scheme, corestring_lwc_http,
&match) != lwc_error_ok || match == false) {
/* Non-HTTP fetch: ignore */
/* Non-HTTP fetch: no transform required */
if (lwc_string_caseless_isequal(scheme, corestring_lwc_https,
&match) == lwc_error_ok && match) {
/* HTTPS: ask urldb if HSTS is enabled */
*hsts_in_use = urldb_get_hsts_enabled(url);
} else {
/* Anything else: no HSTS */
*hsts_in_use = false;
}
lwc_string_unref(scheme);
*result = nsurl_ref(url);
*hsts_in_use = false;
return error;
}
lwc_string_unref(scheme);