zzz/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

EepGet: Refuse attempted redirect to HTTPS, won't work

Browse Source
This commit is contained in:
zzz
2017-11-21 00:58:44 +00:00
parent 173823695f
commit 07a83bf310
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/java/src/net/i2p/util/EepGet.java
View File

@@ -720,6 +720,8 @@ public class EepGet {
try { try {
if (_redirectLocation.startsWith("http://")) { if (_redirectLocation.startsWith("http://")) {
_actualURL = _redirectLocation; _actualURL = _redirectLocation;
} else if (_redirectLocation.startsWith("https://")) {
throw new IOException("Redirect to https unsupported");
} else { } else {
// the Location: field has been required to be an absolute URI at least since // the Location: field has been required to be an absolute URI at least since
// RFC 1945 (HTTP/1.0 1996), so it isn't clear what the point of this is. // RFC 1945 (HTTP/1.0 1996), so it isn't clear what the point of this is.