mirror/The-Powder-Toy
1
0
Fork 0
mirror of https://github.com/The-Powder-Toy/The-Powder-Toy.git synced 2025-08-20 23:21:20 +02:00
Code Issues Projects Releases Wiki Activity

Prevent protocol downgrade attacks

Browse Source
This commit is contained in:
Tamás Bálint Misius
2019-08-02 01:31:02 +02:00
parent 89ef7ce216
commit 7158a00f44
2 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/Config.h
View File

@@ -89,6 +89,7 @@
#define SERVER "powdertoy.co.uk" #define SERVER "powdertoy.co.uk"
#define STATICSCHEME "https://" #define STATICSCHEME "https://"
#define STATICSERVER "static.powdertoy.co.uk" #define STATICSERVER "static.powdertoy.co.uk"
#define ENFORCE_HTTPS
#define LOCAL_SAVE_DIR "Saves" #define LOCAL_SAVE_DIR "Saves"

8
src/client/http/Request.cpp
View File

@@ -157,6 +157,14 @@ namespace http
#endif #endif
curl_easy_setopt(easy, CURLOPT_FOLLOWLOCATION, 1L); curl_easy_setopt(easy, CURLOPT_FOLLOWLOCATION, 1L);
#ifdef ENFORCE_HTTPS
curl_easy_setopt(easy, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS);
curl_easy_setopt(easy, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS);
#else
curl_easy_setopt(easy, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS | CURLPROTO_HTTP);
curl_easy_setopt(easy, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTPS | CURLPROTO_HTTP);
#endif
curl_easy_setopt(easy, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2);
curl_easy_setopt(easy, CURLOPT_MAXREDIRS, 10L); curl_easy_setopt(easy, CURLOPT_MAXREDIRS, 10L);
curl_easy_setopt(easy, CURLOPT_ERRORBUFFER, error_buffer); curl_easy_setopt(easy, CURLOPT_ERRORBUFFER, error_buffer);