From c0974d9910d60f4b4ce6977508da1aa7b90cefb8 Mon Sep 17 00:00:00 2001
From: uu1101
Date: Sun, 9 Feb 2014 19:07:47 +0100
Subject: [PATCH] Don't support relative redirects
---
 src/HTTPSock.cpp | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/src/HTTPSock.cpp b/src/HTTPSock.cpp
index a3936802..042b87d7 100644
--- a/src/HTTPSock.cpp
+++ b/src/HTTPSock.cpp
@@ -725,16 +725,19 @@ bool CHTTPSock::Redirect(const CString& sURL) {
 if (SentHeader()) {
 DEBUG("Redirect() - Header was already sent");
 return false;
+ } else if(!sURL.StartsWith("/")) {
+ // HTTP/1.1 only admits absolute URIs for the Location header.
+ DEBUG("Redirect to relative URI [" + sURL + "] is not allowed.");
+ return false;
+ } else {
+ CString location = m_sURIPrefix + sURL;
+
+ DEBUG("- Redirect to [" << location << "] with prefix [" + m_sURIPrefix + "]");
+ AddHeader("Location", location);
+ PrintErrorPage(302, "Found", "The document has moved here.");
+
+ return true;
 }
-
- // Prepend the URIPrefix to all redirects.
- CString location = m_sURIPrefix + sURL;
-
- DEBUG("- Redirect to [" << location << "] with prefix [" + m_sURIPrefix + "]");
- AddHeader("Location", location);
- PrintErrorPage(302, "Found", "The document has moved here.");
-
- return true;
 }
 
 void CHTTPSock::Connected() {
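Review bot: The new guard `!sURL.StartsWith("/")` also accepts a value that begins with `//`, which a browser resolves as a scheme-relative reference to another host; when `m_sURIPrefix` is empty that value reaches `AddHeader("Location", location)` unchanged. Whether any caller passes request-derived data to Redirect() is not visible in this hunk, but rejecting that form here is cheap: `} else if (!sURL.StartsWith("/") || sURL.StartsWith("//")) {`. The added comment says the check is about absolute URIs, while what it enforces is an absolute path on the same site; `// Only same-site absolute paths are accepted; m_sURIPrefix is prepended below.` would describe it more accurately. The function's signature lies outside the hunk lines (it appears only in the @@ header).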