disable https->http redirects in libcurl

This change prevents changing the protocol from https to http.
author: Michael Vogt <mvo@debian.org> 2014-02-14 17:11:07 +0100
committer: Michael Vogt <mvo@debian.org> 2014-02-14 19:10:47 +0100
commit: dc95fee18e8df2b00404c7d0f321f5b78e00f170 (patch)
tree: af4340d89e8d611cdb37a39b27c7d9ab5f0015fd /methods
parent: 3f621056f7f672988c0efc6d38935c22b5ae041f (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/methods/https.cc b/methods/https.cc
index d97fddf9e..9422df2f0 100644
--- a/methods/https.cc
+++ b/methods/https.cc
@@ -185,8 +185,11 @@ bool HttpsMethod::Fetch(FetchItem *Itm)
    curl_easy_setopt(curl, CURLOPT_WRITEDATA, this);
    curl_easy_setopt(curl, CURLOPT_PROGRESSFUNCTION, progress_callback);
    curl_easy_setopt(curl, CURLOPT_PROGRESSDATA, this);
+   // options
    curl_easy_setopt(curl, CURLOPT_NOPROGRESS, false);
    curl_easy_setopt(curl, CURLOPT_FILETIME, true);
+   // only allow redirects to https
+   curl_easy_setopt(curl, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS);
 
    // SSL parameters are set by default to the common (non mirror-specific) value
    // if available (or a default one) and gets overload by mirror-specific ones.
author	Michael Vogt <mvo@debian.org>	2014-02-14 17:11:07 +0100
committer	Michael Vogt <mvo@debian.org>	2014-02-14 19:10:47 +0100
commit	dc95fee18e8df2b00404c7d0f321f5b78e00f170 (patch)
tree	af4340d89e8d611cdb37a39b27c7d9ab5f0015fd /methods
parent	3f621056f7f672988c0efc6d38935c22b5ae041f (diff)