curl/curl
1
1
Fork 0
mirror of https://github.com/curl/curl.git synced 2025-09-16 09:02:40 +03:00
Code Issues Packages Projects Releases Wiki Activity

http: use the IDN decoded name in HSTS checks

Browse Source 
Otherwise it stores the info HSTS into the persistent cache for the IDN
name which will not match when the HSTS status is later checked for
using the decoded name.

Reported-by: Hiroki Kurosawa

Closes #10111
This commit is contained in:
Daniel Stenberg 2022-12-19 08:36:55 +01:00
parent 46441955bf
commit 9e71901634
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/http.c
View File

@ -3646,7 +3646,7 @@ CURLcode Curl_http_header(struct Curl_easy *data, struct connectdata *conn,
#endif #endif
)) { )) {
CURLcode check = CURLcode check =
Curl_hsts_parse(data->hsts, data->state.up.hostname, Curl_hsts_parse(data->hsts, conn->host.name,
headp + strlen("Strict-Transport-Security:")); headp + strlen("Strict-Transport-Security:"));
if(check) if(check)
infof(data, "Illegal STS header skipped"); infof(data, "Illegal STS header skipped");