From 338e1aa6ca8edc1f4a004f73864067dba2cfa422 Mon Sep 17 00:00:00 2001 From: Daniel Carl Date: Fri, 28 Nov 2014 09:12:32 +0100 Subject: [PATCH] Revert "Fixed wrong hsts protocol comparison (#146)." This reverts commit 279c46e6a2384017fe841bc46c4ce3a9844b5e3e. --- src/hsts.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/hsts.c b/src/hsts.c index ee2a8b5..c05a1f5 100644 --- a/src/hsts.c +++ b/src/hsts.c @@ -102,7 +102,7 @@ char *hsts_get_changed_uri(SoupSession* session, SoupMessage *msg) provider = HSTS_PROVIDER(feature); /* if URI uses still https we don't nee to rewrite it */ - if (strcmp(uri->scheme, SOUP_URI_SCHEME_HTTPS) + if (uri->scheme != SOUP_URI_SCHEME_HTTPS && should_secure_host(provider, uri->host) ) { /* the ports is set by soup uri if scheme is changed */ @@ -343,7 +343,7 @@ static void request_queued(SoupSessionFeature *feature, HSTSProvider *provider = HSTS_PROVIDER(feature); /* only look for HSTS headers sent over https RFC 6797 7.2*/ - if (!strcmp(uri->scheme, SOUP_URI_SCHEME_HTTPS)) { + if (uri->scheme == SOUP_URI_SCHEME_HTTPS) { soup_message_add_header_handler( msg, "got-headers", HSTS_HEADER_NAME, G_CALLBACK(process_hsts_header), feature ); @@ -363,7 +363,7 @@ static void request_started(SoupSessionFeature *feature, GTlsCertificateFlags errors; if (should_secure_host(provider, uri->host)) { - if (strcmp(uri->scheme, SOUP_URI_SCHEME_HTTPS) + if (uri->scheme != SOUP_URI_SCHEME_HTTPS || (soup_message_get_https_status(msg, &certificate, &errors) && errors) ) { soup_session_cancel_message(session, msg, SOUP_STATUS_SSL_FAILED); -- 2.20.1