http Access: Make sure non-absolute relocation is handled properly in a https...

http Access: Make sure non-absolute relocation is handled properly in a https session (thanks courmish).

http Access: Make sure non-absolute relocation is handled properly in a https...
http Access: Make sure non-absolute relocation is handled properly in a https session (thanks courmish).
c6e9c5ac · Pierre d'Herbemont · 6040c07a · c6e9c5ac
Commit c6e9c5ac authored Mar 28, 2007 by Pierre d'Herbemont
Show whitespace changes
Inline Side-by-side

Showing with 17 additions and 4 deletions

modules/access/http.c modules/access/http.c +17 -4

No files found.
--- a/modules/access/http.c
+++ b/modules/access/http.c
@@ -1080,11 +1080,24 @@ static int Request( access_t *p_access, int64_t i_tell )
        {
            char * psz_new_loc;
-            /* Rework redirection that don't include server name */
+            /* This does not follow RFC 2068, but yet if the url is not absolute,
-            if( !strncmp( p, "/", 1 ) )
+             * handle it as everyone does. */
+            if( !strncmp( p, "/", 1 ) && !strncmp( p_sys->psz_location, "http", 4))
            {
-                asprintf(&psz_new_loc, "http://%s:%d%s", p_sys->url.psz_host,
+                const char *psz_http_ext;
-                        p_sys->url.i_port, p);
+                if( p_sys->psz_location[4] == ':' )
+                    psz_http_ext = "";
+                else if( !strncmp( p_sys->psz_location+4, "s:", 2) )
+                    psz_http_ext = "s";
+                else
+                    psz_http_ext = NULL; /* Shouldn't happen */
+                if( psz_http_ext )
+                {
+                    asprintf(&psz_new_loc, "http%s://%s:%d%s", psz_http_ext,
+                        p_sys->url.psz_host, p_sys->url.i_port, p);
+                }
            }
            else
                psz_new_loc = strdup( p );