diff options
| author | des <des@FreeBSD.org> | 2012-04-30 12:12:48 +0000 |
|---|---|---|
| committer | des <des@FreeBSD.org> | 2012-04-30 12:12:48 +0000 |
| commit | ad64077869a527becbbbfbd77ec33f4246f66797 (patch) | |
| tree | 003f6d8832f6b3250cff1e865714b8cc0bea5b1e /lib | |
| parent | 34d79578aeedbc39d45d249d6c26209e9cd105c2 (diff) | |
| download | FreeBSD-src-ad64077869a527becbbbfbd77ec33f4246f66797.zip FreeBSD-src-ad64077869a527becbbbfbd77ec33f4246f66797.tar.gz | |
Don't reuse credentials if redirected to a different host.
Submitted by: Niels Heinen <heinenn@google.com>
MFC after: 3 weeks
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libfetch/http.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/libfetch/http.c b/lib/libfetch/http.c index 557ff26..f6e063a 100644 --- a/lib/libfetch/http.c +++ b/lib/libfetch/http.c @@ -1779,7 +1779,9 @@ http_request(struct url *URL, const char *op, struct url_stat *us, DEBUG(fprintf(stderr, "failed to parse new URL\n")); goto ouch; } - if (!*new->user && !*new->pwd) { + + /* Only copy credentials if the host matches */ + if (!strcmp(new->host, url->host) && !*new->user && !*new->pwd) { strcpy(new->user, url->user); strcpy(new->pwd, url->pwd); } |
