diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2022-12-19 08:36:55 +0100 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2022-12-19 11:04:15 +0100 |
| commit | 9e71901634e276dd050481c4320f046bebb1bc28 (patch) | |
| tree | 6c8ff88d9b3f99c339b19f79e161521718495c2a | |
| parent | 46441955bfcce0c92e90e3e65b465df0c9577682 (diff) | |
| download | curl-9e71901634e276dd050481c4320f046bebb1bc28.tar.gz | |
http: use the IDN decoded name in HSTS checks
Otherwise it stores the info HSTS into the persistent cache for the IDN
name which will not match when the HSTS status is later checked for
using the decoded name.
Reported-by: Hiroki Kurosawa
Closes #10111
| -rw-r--r-- | lib/http.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/http.c b/lib/http.c index 85528a221..a784745a8 100644 --- a/lib/http.c +++ b/lib/http.c @@ -3646,7 +3646,7 @@ CURLcode Curl_http_header(struct Curl_easy *data, struct connectdata *conn, #endif )) { CURLcode check = - Curl_hsts_parse(data->hsts, data->state.up.hostname, + Curl_hsts_parse(data->hsts, conn->host.name, headp + strlen("Strict-Transport-Security:")); if(check) infof(data, "Illegal STS header skipped"); |