Fixed logic of HTTPS downgrade detection for multiple redirections, and grant... (e43e43f5) · Commits · e / os / Nextcloud Android Library

src/com/owncloud/android/lib/resources/status/GetRemoteStatusOperation.java

+20 −19

Original line number	Original line	Diff line number	Diff line
	@@ -85,12 +85,14 @@ public class GetRemoteStatusOperation extends RemoteOperation {
	get.getResponseHeaders()		get.getResponseHeaders()
	);		);

	if (baseUrlSt.startsWith("https://")) {
	String redirectedLocation = mLatestResult.getRedirectedLocation();		String redirectedLocation = mLatestResult.getRedirectedLocation();
	while (redirectedLocation != null && redirectedLocation.length() > 0		while (redirectedLocation != null && redirectedLocation.length() > 0
	&& !mLatestResult.isSuccess()) {		&& !mLatestResult.isSuccess()) {

	isRedirectToNonSecureConnection = redirectedLocation.startsWith("http://");		isRedirectToNonSecureConnection \|= (
			baseUrlSt.startsWith("https://") &&
			redirectedLocation.startsWith("http://")
			);
	get.releaseConnection();		get.releaseConnection();
	get = new GetMethod(redirectedLocation);		get = new GetMethod(redirectedLocation);
	status = client.executeMethod(		status = client.executeMethod(
	@@ -103,7 +105,6 @@ public class GetRemoteStatusOperation extends RemoteOperation {
	);		);
	redirectedLocation = mLatestResult.getRedirectedLocation();		redirectedLocation = mLatestResult.getRedirectedLocation();
	}		}
	}

	String response = get.getResponseBodyAsString();		String response = get.getResponseBodyAsString();
	if (status == HttpStatus.SC_OK) {		if (status == HttpStatus.SC_OK) {