From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 15 Aug 2016 08:46:27 +0000 (+0200)
Subject: proxy: reject attempts to use unsupported proxy schemes
X-Git-Tag: curl-7_50_2~74
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a96319ebb934ac8d3df4b88c8eb0d7ba00d5f883;p=curl

proxy: reject attempts to use unsupported proxy schemes

I discovered some people have been using "https://example.com" style
strings as proxy and it "works" (curl doesn't complain) because curl
ignores unknown schemes and then assumes plain HTTP instead.

I think this misleads users into believing curl uses HTTPS to proxies
when it doesn't. Now curl rejects proxy strings using unsupported
schemes instead of just ignoring and defaulting to HTTP.
---

diff --git a/lib/url.c b/lib/url.c
index bda3ccddb..153a05492 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -4706,7 +4706,13 @@ static CURLcode parse_proxy(struct Curl_easy *data,
       conn->proxytype = CURLPROXY_SOCKS4A;
     else if(checkprefix("socks4", proxy) || checkprefix("socks", proxy))
       conn->proxytype = CURLPROXY_SOCKS4;
-    /* Any other xxx:// : change to http proxy */
+    else if(checkprefix("http:", proxy))
+      ; /* leave it as HTTP or HTTP/1.0 */
+    else {
+      /* Any other xxx:// reject! */
+      failf(data, "No support for proxy over the \'%s\' scheme", proxy);
+      return CURLE_COULDNT_CONNECT;
+    }
   }
   else
     proxyptr = proxy; /* No xxx:// head: It's a HTTP proxy */