summaryrefslogtreecommitdiff
path: root/methods
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2014-02-14 18:59:46 +0100
committerDavid Kalnischkies <david@kalnischkies.de>2014-02-14 19:15:43 +0100
commit889b0072a93a5afe9ffec93ab791d584c64754a0 (patch)
tree64f1d18d6c377144541548e4117e83d2d9f5f81e /methods
parent5543218acdbbeef1d9f6d118e0b86a765c341430 (diff)
add a testcase to check for forbidden https→http downgrades
Git-Dch: Ignore
Diffstat (limited to 'methods')
-rw-r--r--methods/https.cc3
1 files changed, 2 insertions, 1 deletions
diff --git a/methods/https.cc b/methods/https.cc
index 9422df2f0..e713be19f 100644
--- a/methods/https.cc
+++ b/methods/https.cc
@@ -188,7 +188,8 @@ bool HttpsMethod::Fetch(FetchItem *Itm)
// options
curl_easy_setopt(curl, CURLOPT_NOPROGRESS, false);
curl_easy_setopt(curl, CURLOPT_FILETIME, true);
- // only allow redirects to https
+ // only allow curl to handle https, not the other stuff it supports
+ curl_easy_setopt(curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS);
curl_easy_setopt(curl, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS);
// SSL parameters are set by default to the common (non mirror-specific) value