url: make sure an HSTS upgrade updates URL and scheme correctly

Closes #6175
author: Daniel Stenberg <daniel@haxx.se> 2020-11-05 09:18:52 +0100
committer: Daniel Stenberg <daniel@haxx.se> 2020-11-06 08:22:31 +0100
commit: 20558ff269708bdc796558f7352fa95d82b9b55e (patch)
tree: 5031c5322bacff2dbbaf61c74cdf61280d01d779
parent: f7e72f4d5cda12e9a3881a37c8557885342bc5c5 (diff)
download: curl-20558ff269708bdc796558f7352fa95d82b9b55e.tar.gz
1 files changed, 20 insertions, 2 deletions
diff --git a/lib/url.c b/lib/url.c
index b01d470e5..381f98dc6 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -1922,8 +1922,26 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
 
 #ifdef USE_HSTS
   if(data->hsts && strcasecompare("http", data->state.up.scheme)) {
-    if(Curl_hsts(data->hsts, data->state.up.hostname, TRUE))
-      infof(data, "Switch from HTTP to HTTPS due to HSTS!\n");
+    if(Curl_hsts(data->hsts, data->state.up.hostname, TRUE)) {
+      char *url;
+      Curl_safefree(data->state.up.scheme);
+      uc = curl_url_set(uh, CURLUPART_SCHEME, "https", 0);
+      if(uc)
+        return Curl_uc_to_curlcode(uc);
+      if(data->change.url_alloc)
+        Curl_safefree(data->change.url);
+      /* after update, get the updated version */
+      uc = curl_url_get(uh, CURLUPART_URL, &url, 0);
+      if(uc)
+        return Curl_uc_to_curlcode(uc);
+      uc = curl_url_get(uh, CURLUPART_SCHEME, &data->state.up.scheme, 0);
+      if(uc)
+        return Curl_uc_to_curlcode(uc);
+      data->change.url = url;
+      data->change.url_alloc = TRUE;
+      infof(data, "Switched from HTTP to HTTPS due to HSTS => %s\n",
+            data->change.url);
+    }
   }
 #endif
author	Daniel Stenberg <daniel@haxx.se>	2020-11-05 09:18:52 +0100
committer	Daniel Stenberg <daniel@haxx.se>	2020-11-06 08:22:31 +0100
commit	20558ff269708bdc796558f7352fa95d82b9b55e (patch)
tree	5031c5322bacff2dbbaf61c74cdf61280d01d779
parent	f7e72f4d5cda12e9a3881a37c8557885342bc5c5 (diff)
download	curl-20558ff269708bdc796558f7352fa95d82b9b55e.tar.gz