From: Seth Michael Larson Date: Sun, 28 Jul 2019 17:02:21 +0000 (-0500) Subject: Switch hosts on HSTS preload to HTTPS (#151) X-Git-Tag: 0.7.0~37 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3ba2e8c328f05b07ee06ae40f99dce7fe1e8292c;p=thirdparty%2Fhttpx.git Switch hosts on HSTS preload to HTTPS (#151) --- diff --git a/httpx/models.py b/httpx/models.py index d227948e..2f29be5f 100644 --- a/httpx/models.py +++ b/httpx/models.py @@ -8,6 +8,7 @@ from http.cookiejar import Cookie, CookieJar from urllib.parse import parse_qsl, urlencode import chardet +import hstspreload import rfc3986 from .config import USER_AGENT @@ -113,6 +114,14 @@ class URL: if not self.host: raise InvalidURL("No host included in URL.") + # If the URL is HTTP but the host is on the HSTS preload list switch to HTTPS. + if ( + self.scheme == "http" + and self.host + and hstspreload.in_hsts_preload(self.host) + ): + self.components = self.components.copy_with(scheme="https") + @property def scheme(self) -> str: return self.components.scheme or "" diff --git a/requirements.txt b/requirements.txt index 98e2d237..e7400b09 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,6 +2,7 @@ certifi chardet==3.* h11==0.8.* h2==3.* +hstspreload idna==2.* rfc3986==1.* diff --git a/setup.py b/setup.py index 2e8da065..2045210a 100644 --- a/setup.py +++ b/setup.py @@ -51,6 +51,7 @@ setup( "chardet==3.*", "h11==0.8.*", "h2==3.*", + "hstspreload", "idna==2.*", "rfc3986==1.*", ], diff --git a/tests/models/test_url.py b/tests/models/test_url.py index 34e2e1a5..7c865f5a 100644 --- a/tests/models/test_url.py +++ b/tests/models/test_url.py @@ -124,3 +124,11 @@ def test_url_set(): url_set = set(urls) assert all(url in urls for url in url_set) + + +def test_hsts_preload_converted_to_https(): + url = URL("http://www.paypal.com") + + assert url.is_ssl + assert url.scheme == "https" + assert url == "https://www.paypal.com"