Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Relative URLs are not properly handled during redirection #2488
MultiMC version: 0.6.2-1137
Operating System: Arch Linux on x86_64
Summary of the issue or suggestion:
When following a redirect during library downloading, MultiMC will fail to download the library if the redirect is a relative URL.
What should happen:
MultiMC should follow the redirect and successfully download the library.
Steps to reproduce the issue:
https://paste.ee/p/RCLx2 (Note: personally identifying information has been redacted to the best of my ability)
That's ... remarkable. Someone managed to convince people that they should use this convenient MITM proxy as part of their build chain?
The only question I have is: who is the target? Not whether this is malicious. The potential for malice is so high that it must be there even if unintended.
You are passing source code through a black box that is not under your control and under no supervision, and using the results of that. WOW