From 81b41095efd1f5b88ad8c84d10d1963278a06752 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 20 Sep 2011 11:13:32 +0200 Subject: [PATCH] Curl_follow: handle redirects to "//hostname/path" --- lib/transfer.c | 49 +++++++++++++++++++------------- tests/data/Makefile.am | 1 + tests/data/test1314 | 77 ++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 108 insertions(+), 19 deletions(-) create mode 100644 tests/data/test1314 diff --git a/lib/transfer.c b/lib/transfer.c index 4ddd056..3d24367 100644 --- a/lib/transfer.c +++ b/lib/transfer.c @@ -1699,26 +1699,37 @@ static char *concat_url(const char *base, const char *relurl) } } else { - /* We got a new absolute path for this server, cut off from the - first slash */ - pathsep = strchr(protsep, '/'); - if(pathsep) { - /* When people use badly formatted URLs, such as - "http://www.url.com?dir=/home/daniel" we must not use the first - slash, if there's a ?-letter before it! */ - char *sep = strchr(protsep, '?'); - if(sep && (sep < pathsep)) - pathsep = sep; - *pathsep=0; + /* We got a new absolute path for this server */ + + if((relurl[0] == '/') && (relurl[1] == '/')) { + /* the new URL starts with //, just keep the protocol part from the + original one */ + *protsep=0; + useurl = &relurl[2]; /* we keep the slashes from the original, so we + skip the new ones */ } else { - /* There was no slash. Now, since we might be operating on a badly - formatted URL, such as "http://www.url.com?id=2380" which doesn't - use a slash separator as it is supposed to, we need to check for a - ?-letter as well! */ - pathsep = strchr(protsep, '?'); - if(pathsep) + /* cut off the original URL from the first slash, or deal with URLs + without slash */ + pathsep = strchr(protsep, '/'); + if(pathsep) { + /* When people use badly formatted URLs, such as + "http://www.url.com?dir=/home/daniel" we must not use the first + slash, if there's a ?-letter before it! */ + char *sep = strchr(protsep, '?'); + if(sep && (sep < pathsep)) + pathsep = sep; *pathsep=0; + } + else { + /* There was no slash. Now, since we might be operating on a badly + formatted URL, such as "http://www.url.com?id=2380" which doesn't + use a slash separator as it is supposed to, we need to check for a + ?-letter as well! */ + pathsep = strchr(protsep, '?'); + if(pathsep) + *pathsep=0; + } } } @@ -1731,8 +1742,8 @@ static char *concat_url(const char *base, const char *relurl) urllen = strlen(url_clone); - newest = malloc( urllen + 1 + /* possible slash */ - newlen + 1 /* zero byte */); + newest = malloc(urllen + 1 + /* possible slash */ + newlen + 1 /* zero byte */); if(!newest) { free(url_clone); /* don't leak this */ diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index ea92cf9..eaafe12 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -75,6 +75,7 @@ test1118 test1119 test1120 test1121 test1122 test1123 test1124 test1125 \ test1126 test1127 test1128 test1129 test1130 test1131 test1200 test1201 \ test1202 test1203 test1300 test1301 test1302 test1303 test1304 test1305 \ test1306 test1307 test1308 test1309 test1310 test1311 test1312 test1313 \ +test1314 \ test2000 test2001 test2002 test2003 test2004 EXTRA_DIST = $(TESTCASES) DISABLED diff --git a/tests/data/test1314 b/tests/data/test1314 new file mode 100644 index 0000000..0f4ec0b --- /dev/null +++ b/tests/data/test1314 @@ -0,0 +1,77 @@ + + + +HTTP +HTTP GET +followlocation + + +# Server-side + + +HTTP/1.1 301 This is a weirdo text message swsbounce +Server: test-server/fake +Location: //somewhere.example.com/reply/1314 +Content-Length: 32 +Connection: close + +Redirect to the same URL again! + + + +HTTP/1.1 200 okidoki +Server: test-server/fake +Content-Length: 4 +Connection: close + +moo + + + +HTTP/1.1 301 This is a weirdo text message swsbounce +Server: test-server/fake +Location: //somewhere.example.com/reply/1314 +Content-Length: 32 +Connection: close + +HTTP/1.1 200 okidoki +Server: test-server/fake +Content-Length: 4 +Connection: close + +moo + + + +# Client-side + + +http + + +HTTP Location: following a // prefixed url + + +http://firstplace.example.com/want/1314 -L -x http://%HOSTIP:%HTTPPORT + + + +# Verify data after the test has been "shot" + + +^User-Agent: curl/.* + + +GET http://firstplace.example.com/want/1314 HTTP/1.1 +Host: firstplace.example.com +Accept: */* +Proxy-Connection: Keep-Alive + +GET http://somewhere.example.com/reply/1314 HTTP/1.1 +Host: somewhere.example.com +Accept: */* +Proxy-Connection: Keep-Alive + + + + -- 2.7.4