From a96319ebb934ac8d3df4b88c8eb0d7ba00d5f883 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg
Date: Mon, 15 Aug 2016 10:46:27 +0200
Subject: proxy: reject attempts to use unsupported proxy schemes I discovered some people have been using "https://example.com" style strings as proxy and it "works" (curl doesn't complain) because curl ignores unknown schemes and then assumes plain HTTP instead. I think this misleads users into believing curl uses HTTPS to proxies when it doesn't. Now curl rejects proxy strings using unsupported schemes instead of just ignoring and defaulting to HTTP.
---
 lib/url.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/lib/url.c b/lib/url.c
index bda3ccddb..153a05492 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -4706,7 +4706,13 @@ static CURLcode parse_proxy(struct Curl_easy *data,
 conn->proxytype = CURLPROXY_SOCKS4A;
 else if(checkprefix("socks4", proxy) || checkprefix("socks", proxy))
 conn->proxytype = CURLPROXY_SOCKS4;
- /* Any other xxx:// : change to http proxy */
+ else if(checkprefix("http:", proxy))
+ ; /* leave it as HTTP or HTTP/1.0 */
+ else {
+ /* Any other xxx:// reject! */
+ failf(data, "No support for proxy over the \'%s\' scheme", proxy);
+ return CURLE_COULDNT_CONNECT;
+ }
 }
 else
 proxyptr = proxy; /* No xxx:// head: It's a HTTP proxy */
-- cgit v1.2.3
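Review bot: The new `failf()` call in the `else` branch passes the whole `proxy` string to `%s`, so the message labels the full proxy URL as the "scheme" and, if that string carries a `user:password@` part (not visible here, but presumably allowed in proxy strings), copies those credentials into the error buffer and any logs built from it. Print only the part before `://`, for example `failf(data, "No support for proxy over the '%.*s' scheme", (int)SCHEME_LEN, proxy);` where `SCHEME_LEN` is a placeholder for the offset of `://` in `proxy`. Separately, the context line `checkprefix("socks", proxy)` looks like a plain prefix match, so an unknown scheme that merely starts with `socks` would still be accepted as SOCKS4 instead of reaching the new reject branch; matching the full scheme including the colon, as the added `"http:"` check does, would close that gap. `parse_proxy` begins and ends outside this hunk, so whether anything needs releasing before the early `return` cannot be checked from here.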