From: Daniel Stenberg Date: Thu, 1 Nov 2018 22:45:57 +0000 (+0100) Subject: Curl_follow: accept non-supported schemes for "fake" redirects X-Git-Tag: curl-7_63_0~112 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=2c5ec339ea67f43ac370ae77636a0f915cc5fbeb;p=curl Curl_follow: accept non-supported schemes for "fake" redirects When not actually following the redirect and the target URL is only stored for later retrieval, curl always accepted "non-supported" schemes. This was a regression from 46e164069d1a5230. Reported-by: Brad King Fixes #3210 Closes #3215 --- diff --git a/lib/transfer.c b/lib/transfer.c index b73f94d9e..05ba862c2 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -1514,7 +1514,8 @@ CURLcode Curl_follow(struct Curl_easy *data, disallowport = TRUE; DEBUGASSERT(data->state.uh); - uc = curl_url_set(data->state.uh, CURLUPART_URL, newurl, 0); + uc = curl_url_set(data->state.uh, CURLUPART_URL, newurl, + (type == FOLLOW_FAKE) ? CURLU_NON_SUPPORT_SCHEME : 0); if(uc) return Curl_uc_to_curlcode(uc); diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index 35c7aa4f5..82aeb88be 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -127,7 +127,7 @@ test1120 test1121 test1122 test1123 test1124 test1125 test1126 test1127 \ test1128 test1129 test1130 test1131 test1132 test1133 test1134 test1135 \ test1136 test1137 test1138 test1139 test1140 test1141 test1142 test1143 \ test1144 test1145 test1146 test1147 test1148 test1149 test1150 test1151 \ -test1152 test1153 test1154 test1155 test1156 test1157 test1158 \ +test1152 test1153 test1154 test1155 test1156 test1157 test1158 test1159 \ \ test1160 test1161 test1162 test1163 test1164 \ test1170 test1171 \ diff --git a/tests/data/test1159 b/tests/data/test1159 new file mode 100644 index 000000000..a51601659 --- /dev/null +++ b/tests/data/test1159 @@ -0,0 +1,58 @@ + + + +HTTP +HTTP GET +redirect_url +followlocation +--write-out + + + +# Server-side + + +HTTP/1.1 301 This is a weirdo text message swsclose +Location: ht3p://localhost/ +Content-Length: 62 +Connection: close + +This server reply is for testing a simple Location: following + + + +# Client-side + + +http + + +HTTP Location: and 'redirect_url' with non-supported scheme + + +http://%HOSTIP:%HTTPPORT/we/want/our/1159 -w '%{redirect_url}\n' + + + +# Verify data after the test has been "shot" + + +^User-Agent:.* + + +GET /we/want/our/1159 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + + + +HTTP/1.1 301 This is a weirdo text message swsclose +Location: ht3p://localhost/ +Content-Length: 62 +Connection: close + +This server reply is for testing a simple Location: following +ht3p://localhost/ + + +