From 81b41095efd1f5b88ad8c84d10d1963278a06752 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Tue, 20 Sep 2011 11:13:32 +0200
Subject: [PATCH] Curl_follow: handle redirects to "//hostname/path"

---
 lib/transfer.c         | 49 ++++++++++++++++-----------
 tests/data/Makefile.am |  1 +
 tests/data/test1314    | 77 ++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 108 insertions(+), 19 deletions(-)
 create mode 100644 tests/data/test1314

diff --git a/lib/transfer.c b/lib/transfer.c
index 4ddd0568b..3d243674a 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -1699,26 +1699,37 @@ static char *concat_url(const char *base, const char *relurl)
     }
   }
   else {
-    /* We got a new absolute path for this server, cut off from the
-       first slash */
-    pathsep = strchr(protsep, '/');
-    if(pathsep) {
-      /* When people use badly formatted URLs, such as
-         "http://www.url.com?dir=/home/daniel" we must not use the first
-         slash, if there's a ?-letter before it! */
-      char *sep = strchr(protsep, '?');
-      if(sep && (sep < pathsep))
-        pathsep = sep;
-      *pathsep=0;
+    /* We got a new absolute path for this server */
+
+    if((relurl[0] == '/') && (relurl[1] == '/')) {
+      /* the new URL starts with //, just keep the protocol part from the
+         original one */
+      *protsep=0;
+      useurl = &relurl[2]; /* we keep the slashes from the original, so we
+                              skip the new ones */
     }
     else {
-      /* There was no slash. Now, since we might be operating on a badly
-         formatted URL, such as "http://www.url.com?id=2380" which doesn't
-         use a slash separator as it is supposed to, we need to check for a
-         ?-letter as well! */
-      pathsep = strchr(protsep, '?');
-      if(pathsep)
+      /* cut off the original URL from the first slash, or deal with URLs
+         without slash */
+      pathsep = strchr(protsep, '/');
+      if(pathsep) {
+        /* When people use badly formatted URLs, such as
+           "http://www.url.com?dir=/home/daniel" we must not use the first
+           slash, if there's a ?-letter before it! */
+        char *sep = strchr(protsep, '?');
+        if(sep && (sep < pathsep))
+          pathsep = sep;
         *pathsep=0;
+      }
+      else {
+        /* There was no slash. Now, since we might be operating on a badly
+           formatted URL, such as "http://www.url.com?id=2380" which doesn't
+           use a slash separator as it is supposed to, we need to check for a
+           ?-letter as well! */
+        pathsep = strchr(protsep, '?');
+        if(pathsep)
+          *pathsep=0;
+      }
     }
   }
 
@@ -1731,8 +1742,8 @@ static char *concat_url(const char *base, const char *relurl)
 
   urllen = strlen(url_clone);
 
-  newest = malloc( urllen + 1 + /* possible slash */
-                         newlen + 1 /* zero byte */);
+  newest = malloc(urllen + 1 + /* possible slash */
+                  newlen + 1 /* zero byte */);
 
   if(!newest) {
     free(url_clone); /* don't leak this */
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index ea92cf979..eaafe12f9 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -75,6 +75,7 @@ test1118 test1119 test1120 test1121 test1122 test1123 test1124 test1125	\
 test1126 test1127 test1128 test1129 test1130 test1131 test1200 test1201	\
 test1202 test1203 test1300 test1301 test1302 test1303 test1304 test1305	\
 test1306 test1307 test1308 test1309 test1310 test1311 test1312 test1313 \
+test1314 \
 test2000 test2001 test2002 test2003 test2004
 
 EXTRA_DIST = $(TESTCASES) DISABLED
diff --git a/tests/data/test1314 b/tests/data/test1314
new file mode 100644
index 000000000..0f4ec0b7f
--- /dev/null
+++ b/tests/data/test1314
@@ -0,0 +1,77 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+followlocation
+</keywords>
+</info>
+# Server-side
+<reply>
+<data>
+HTTP/1.1 301 This is a weirdo text message swsbounce
+Server: test-server/fake
+Location: //somewhere.example.com/reply/1314
+Content-Length: 32
+Connection: close
+
+Redirect to the same URL again!
+</data>
+
+<data1>
+HTTP/1.1 200 okidoki
+Server: test-server/fake
+Content-Length: 4
+Connection: close
+
+moo
+</data>
+
+<datacheck>
+HTTP/1.1 301 This is a weirdo text message swsbounce
+Server: test-server/fake
+Location: //somewhere.example.com/reply/1314
+Content-Length: 32
+Connection: close
+
+HTTP/1.1 200 okidoki
+Server: test-server/fake
+Content-Length: 4
+Connection: close
+
+moo
+</datacheck>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+HTTP Location: following a // prefixed url
+ </name>
+ <command>
+http://firstplace.example.com/want/1314 -L -x http://%HOSTIP:%HTTPPORT
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent: curl/.*
+</strip>
+<protocol>
+GET http://firstplace.example.com/want/1314 HTTP/1.1
+Host: firstplace.example.com
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+GET http://somewhere.example.com/reply/1314 HTTP/1.1
+Host: somewhere.example.com
+Accept: */*
+Proxy-Connection: Keep-Alive
+
+</protocol>
+</verify>
+</testcase>