From edddfbc14ac3a4413f38171e8fd7767ae56e27bf Mon Sep 17 00:00:00 2001 From: Hiltjo Posthuma Date: Sat, 29 Apr 2017 22:16:03 +0200 Subject: setcert: check uri before adding a certificate Also directly check for https scheme, we won't need a certificate for others. --- surf.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/surf.c b/surf.c index d67d09b..785fa0d 100644 --- a/surf.c +++ b/surf.c @@ -792,14 +792,16 @@ setcert(Client *c, const char *uri) return; } - uri = strstr(uri, "://") + sizeof("://") - 1; - host = strndup(uri, strstr(uri, "/") - uri); + if ((uri = strstr(uri, "https://"))) { + uri += sizeof("https://") - 1; + host = g_strndup(uri, strchr(uri, '/') - uri); + webkit_web_context_allow_tls_certificate_for_host( + webkit_web_view_get_context(c->view), cert, host); + g_free(host); + } - webkit_web_context_allow_tls_certificate_for_host( - webkit_web_view_get_context(c->view), cert, host); g_object_unref(cert); - free(host); } const char * -- cgit v1.2.3