This repository has been archived by the owner on Oct 1, 2020. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Added patch to return failure when handling http redirect without hos…
…tname.
- Loading branch information
Showing
3 changed files
with
122 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
91 changes: 91 additions & 0 deletions
91
patches/wininet-Redirect/0001-wininet-Return-failure-when-handling-http-redirect-w.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,91 @@ | ||
From 766c2610e0be47ab4fb30d0fb0782dec26e2a13d Mon Sep 17 00:00:00 2001 | ||
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de> | ||
Date: Wed, 29 Mar 2017 03:05:05 +0200 | ||
Subject: wininet: Return failure when handling http redirect without hostname. | ||
|
||
--- | ||
dlls/wininet/http.c | 3 +++ | ||
dlls/wininet/tests/http.c | 32 ++++++++++++++++++++++++++++++++ | ||
2 files changed, 35 insertions(+) | ||
|
||
diff --git a/dlls/wininet/http.c b/dlls/wininet/http.c | ||
index f01081843b..b5acc59fdf 100644 | ||
--- a/dlls/wininet/http.c | ||
+++ b/dlls/wininet/http.c | ||
@@ -4057,6 +4057,9 @@ static DWORD HTTP_HandleRedirect(http_request_t *request, LPCWSTR lpszUrl) | ||
if(!InternetCrackUrlW(lpszUrl, strlenW(lpszUrl), 0, &urlComponents)) | ||
return INTERNET_GetLastError(); | ||
|
||
+ if (!urlComponents.dwHostNameLength) | ||
+ return ERROR_INTERNET_INVALID_URL; | ||
+ | ||
if(urlComponents.nScheme == INTERNET_SCHEME_HTTP) { | ||
if(request->hdr.dwFlags & INTERNET_FLAG_SECURE) { | ||
TRACE("redirect from secure page to non-secure page\n"); | ||
diff --git a/dlls/wininet/tests/http.c b/dlls/wininet/tests/http.c | ||
index 940765c5b6..7a5691a816 100644 | ||
--- a/dlls/wininet/tests/http.c | ||
+++ b/dlls/wininet/tests/http.c | ||
@@ -2062,6 +2062,12 @@ static const char ok_with_length2[] = | ||
"Content-Length: 19\r\n\r\n" | ||
"HTTP/1.1 211 OK\r\n\r\n"; | ||
|
||
+static const char redir_no_host[] = | ||
+"HTTP/1.1 302 Found\r\n" | ||
+"Location: http:///test1\r\n" | ||
+"Server: winetest\r\n" | ||
+"\r\n"; | ||
+ | ||
struct server_info { | ||
HANDLE hEvent; | ||
int port; | ||
@@ -2472,6 +2478,10 @@ static DWORD CALLBACK server_thread(LPVOID param) | ||
else | ||
send(c, noauthmsg, sizeof noauthmsg-1, 0); | ||
} | ||
+ if (strstr(buffer, "GET /test_redirect_no_host")) | ||
+ { | ||
+ send(c, redir_no_host, sizeof redir_no_host-1, 0); | ||
+ } | ||
shutdown(c, 2); | ||
closesocket(c); | ||
c = -1; | ||
@@ -5492,6 +5502,27 @@ static void test_remove_dot_segments(int port) | ||
close_request(&req); | ||
} | ||
|
||
+static void test_redirect(int port) | ||
+{ | ||
+ test_request_t req; | ||
+ BOOL ret; | ||
+ | ||
+ open_simple_request(&req, "localhost", port, NULL, "/test_redirect_no_host"); | ||
+ ret = HttpSendRequestA(req.request, NULL, 0, NULL, 0); | ||
+ if (ret) | ||
+ { | ||
+ trace("Succeeded with status code 302\n"); | ||
+ test_status_code(req.request, 302); | ||
+ } | ||
+ else | ||
+ { | ||
+ trace("Failed with error ERROR_INTERNET_INVALID_URL\n"); | ||
+ ok(GetLastError() == ERROR_INTERNET_INVALID_URL, | ||
+ "Expected error ERROR_INTERNET_INVALID_URL, got %u\n", GetLastError()); | ||
+ } | ||
+ close_request(&req); | ||
+} | ||
+ | ||
static void test_http_connection(void) | ||
{ | ||
struct server_info si; | ||
@@ -5545,6 +5576,7 @@ static void test_http_connection(void) | ||
test_connection_break(si.port); | ||
test_long_url(si.port); | ||
test_remove_dot_segments(si.port); | ||
+ test_redirect(si.port); | ||
|
||
/* send the basic request again to shutdown the server thread */ | ||
test_basic_request(si.port, "GET", "/quit"); | ||
-- | ||
2.11.0 | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
Fixes: [41398] Return failure when handling http redirect without hostname | ||
Depends: wininet-Cleanup |