flywithu/android-library
1
0
Fork 0
mirror of https://github.com/owncloud/android-library.git synced 2025-06-08 00:16:09 +00:00
Code Issues Releases Wiki Activity

Fixed logic of HTTPS downgrade detection for multiple redirections, and grant that redirection if followed for HTTP servers

Browse Source
This commit is contained in:
David A. Velasco 2014-08-06 11:16:17 +02:00
parent 07f3d9caae
commit e43e43f51a
1 changed files with 20 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/com/owncloud/android/lib/resources/status/GetRemoteStatusOperation.java
View File

@ -85,12 +85,14 @@ public class GetRemoteStatusOperation extends RemoteOperation {
get.getResponseHeaders() get.getResponseHeaders()
); );
if (baseUrlSt.startsWith("https://")) {
String redirectedLocation = mLatestResult.getRedirectedLocation(); String redirectedLocation = mLatestResult.getRedirectedLocation();
while (redirectedLocation != null && redirectedLocation.length() > 0 while (redirectedLocation != null && redirectedLocation.length() > 0
&& !mLatestResult.isSuccess()) { && !mLatestResult.isSuccess()) {
isRedirectToNonSecureConnection = redirectedLocation.startsWith("http://"); isRedirectToNonSecureConnection |= (
baseUrlSt.startsWith("https://") &&
redirectedLocation.startsWith("http://")
);
get.releaseConnection(); get.releaseConnection();
get = new GetMethod(redirectedLocation); get = new GetMethod(redirectedLocation);
status = client.executeMethod( status = client.executeMethod(
@ -103,7 +105,6 @@ public class GetRemoteStatusOperation extends RemoteOperation {
); );
redirectedLocation = mLatestResult.getRedirectedLocation(); redirectedLocation = mLatestResult.getRedirectedLocation();
} }
}
String response = get.getResponseBodyAsString(); String response = get.getResponseBodyAsString();
if (status == HttpStatus.SC_OK) { if (status == HttpStatus.SC_OK) {