setcert: check uri before adding a certificate
authorHiltjo Posthuma <hiltjo@codemadness.org>
Sat, 29 Apr 2017 20:16:03 +0000 (22:16 +0200)
committerQuentin Rameau <quinq@fifth.space>
Sun, 30 Apr 2017 09:39:15 +0000 (11:39 +0200)
Also directly check for https scheme, we won't need a certificate for
others.

surf.c

diff --git a/surf.c b/surf.c
index d67d09b..785fa0d 100644 (file)
--- a/surf.c
+++ b/surf.c
@@ -792,14 +792,16 @@ setcert(Client *c, const char *uri)
                return;
        }
 
-       uri = strstr(uri, "://") + sizeof("://") - 1;
-       host = strndup(uri, strstr(uri, "/") - uri);
+       if ((uri = strstr(uri, "https://"))) {
+               uri += sizeof("https://") - 1;
+               host = g_strndup(uri, strchr(uri, '/') - uri);
+               webkit_web_context_allow_tls_certificate_for_host(
+                   webkit_web_view_get_context(c->view), cert, host);
+               g_free(host);
+       }
 
-       webkit_web_context_allow_tls_certificate_for_host(
-           webkit_web_view_get_context(c->view), cert, host);
        g_object_unref(cert);
 
-       free(host);
 }
 
 const char *