summaryrefslogtreecommitdiff
path: root/test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted
diff options
context:
space:
mode:
authorJulian Andres Klode <jak@debian.org>2016-12-29 14:16:07 +0100
committerJulian Andres Klode <jak@debian.org>2017-01-17 15:48:44 +0100
commit9229494fa1744d26ed4b116d9cc3512c60e1a1da (patch)
treee2ca0595ed5e56a6380feb187d032fe63a8937c8 /test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted
parent9a5b6c8cab4ba52788e8467b08e1669aef62c61c (diff)
https: Quote path in URL before passing it to curl
Curl requires URLs to be urlencoded. We are however giving it undecoded URLs. This causes it go completely nuts if there is a space in the URI, producing requests like: GET /a file HTTP/1.1 which the servers then interpret as a GET request for "/a" with HTTP version "file" or some other non-sense. This works around the issue by encoding the path component of the URL. I'm not sure if we should encode other parts of the URL as well, this one seems to do the trick for the actual issue at hand. A more correct fix is to avoid the dequoting and (re-)quoting of URLs when a redirect occurs / a new request is sent. That's been on the radar for probably a year or two now, but nobody bothered implementing that yet. LP: #1651923 (cherry picked from commit 994515e689dcc5f963f5fed58284831750a5da03) (cherry picked from commit 438b1d78b4c33d0a97406f0a7071e3c413dc0aa3)
Diffstat (limited to 'test/integration/test-bug-617690-allow-unauthenticated-makes-all-untrusted')
0 files changed, 0 insertions, 0 deletions