diff options
| author | Werner Koch <[email protected]> | 2023-07-04 15:37:54 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2023-07-04 15:37:54 +0000 |
| commit | 334f5d95c825f5c8a0785f6ab7cb6f7e94269a81 (patch) | |
| tree | ef15051d5b299885684c77f876ddbd374b8e5cde /dirmngr/http.c | |
| parent | agent: Fix formatting thread ID of nPth. (diff) | |
| parent | Post release updates (diff) | |
| download | gnupg-334f5d95c825f5c8a0785f6ab7cb6f7e94269a81.tar.gz gnupg-334f5d95c825f5c8a0785f6ab7cb6f7e94269a81.zip | |
Merge branch 'STABLE-BRANCH-2-4' into master
Diffstat (limited to 'dirmngr/http.c')
| -rw-r--r-- | dirmngr/http.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/dirmngr/http.c b/dirmngr/http.c index b4c501736..8153fcef4 100644 --- a/dirmngr/http.c +++ b/dirmngr/http.c @@ -3741,10 +3741,11 @@ http_prepare_redirect (http_redir_info_t *info, unsigned int status_code, http_release_parsed_uri (locuri); return err; } - else if (same_host_p (origuri, locuri)) + else if (!info->restrict_redir || same_host_p (origuri, locuri)) { - /* The host is the same or on an exception list and thus we can - * take the location verbatim. */ + /* Take the syntactically correct location or if restrict_redir + * is set the host is the same or on an exception list and thus + * we can take the location verbatim. */ http_release_parsed_uri (origuri); http_release_parsed_uri (locuri); newurl = xtrystrdup (location); @@ -3754,7 +3755,7 @@ http_prepare_redirect (http_redir_info_t *info, unsigned int status_code, return err; } } - else + else /* Strictly rectricted redirection which we used in the past. */ { /* We take only the host and port from the URL given in the * Location. This limits the effects of redirection attacks by |