From 1a76517470ebc2dd3f96e39ebe6f3706d6dd78da Mon Sep 17 00:00:00 2001
From: Julian Andres Klode <jak@debian.org>
Date: Sat, 21 Oct 2017 15:44:43 +0200
Subject: Run Proxy-Auto-Detect script from main process

This avoids running the Proxy-Auto-Detect script inside the
untrusted (well, less trusted for now) sandbox. This will allow
us to restrict the http method from fork()ing or exec()ing via
seccomp.
---
 methods/http.cc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'methods/http.cc')

diff --git a/methods/http.cc b/methods/http.cc
index fc22180d3..cbc77f477 100644
--- a/methods/http.cc
+++ b/methods/http.cc
@@ -427,7 +427,9 @@ bool HttpServerState::Open()
    Persistent = true;
    
    // Determine the proxy setting
-   AutoDetectProxy(ServerName);
+   // Used to run AutoDetectProxy(ServerName) here, but we now send a Proxy
+   // header in the URI Acquire request and set "Acquire::"+uri.Access+"::proxy::"+uri.Host
+   // to it in BaseHttpMethod::Loop()
    string SpecificProxy = Owner->ConfigFind("Proxy::" + ServerName.Host, "");
    if (!SpecificProxy.empty())
    {
-- 
cgit v1.2.3