transfer: clear referer when set to NULL

Verify in test 1649

Closes #21741

diff --git a/lib/transfer.c b/lib/transfer.c
index 721ad8d9cec7f0d0b8a3323242b8813d258f05d2..49930518eeac58fba76d58dc202bd5416b4ad6dd 100644 (file)
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -511,6 +511,8 @@ CURLcode Curl_pretransfer(struct Curl_easy *data)
   if(data->set.str[STRING_SET_REFERER])
     Curl_bufref_set(&data->state.referer, data->set.str[STRING_SET_REFERER],
                     0, NULL);
+  else
+    Curl_bufref_free(&data->state.referer);
 
   if(data->state.httpreq == HTTPREQ_PUT)
     data->state.infilesize = data->set.filesize;

diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index 08b2f17dd0ffb5c453dd0945cd15b39855507a10..78779a55188eedf8d68d9c76b38eea77c15dbd36 100644 (file)
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -216,7 +216,7 @@ test1612 test1613 test1614 test1615 test1616 test1617 test1618 test1619 \
 test1620 test1621 test1622 test1623 test1624 test1625 test1626 test1627 \
 test1628 test1629 test1630 test1631 test1632 test1633 test1634 test1635 \
 test1636 test1637 test1638 test1639 test1640 test1641 test1642 test1643 \
-test1644 test1645 test1646 test1647 test1648 \
+test1644 test1645 test1646 test1647 test1648 test1649 \
 \
 test1650 test1651 test1652 test1653 test1654 test1655 test1656 test1657 \
 test1658 test1659 test1660 test1661 test1662 test1663 test1664 test1665 \

diff --git a/tests/data/test1649 b/tests/data/test1649
new file mode 100644 (file)
index 0000000..d2fd779
--- /dev/null
+++ b/tests/data/test1649
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="US-ASCII"?>
+<testcase>
+<info>
+<keywords>
+HTTP
+Referer
+</keywords>
+</info>
+
+# Server-side
+<reply>
+
+# this is returned first since we get no proxy-auth
+<data crlf="headers" nocheck="yes">
+HTTP/1.1 200 OK
+Content-Length: 6
+
+hello
+</data>
+
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+
+<tool>
+lib%TESTNUMBER
+</tool>
+<name>
+Set referer first then NULL it
+</name>
+<command>
+http://%HOSTIP:%HTTPPORT
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<protocol crlf="headers">
+GET / HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+Referer: https://secret.example.com/
+
+GET / HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+
+</verify>
+</testcase>

diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc
index ad86411a7f29621954bbc3b4d10467e3decac4aa..d9a94a1e715b3cd47eb47cd4cf10f391cf41dab1 100644 (file)
--- a/tests/libtest/Makefile.inc
+++ b/tests/libtest/Makefile.inc
@@ -99,7 +99,7 @@ TESTS_C = \
   lib1576.c lib1582.c lib1587.c lib1588.c lib1589.c \
   lib1591.c lib1592.c lib1593.c lib1594.c                     lib1597.c \
   lib1598.c lib1599.c \
-  lib1647.c lib1648.c \
+  lib1647.c lib1648.c lib1649.c \
   lib1662.c \
   lib1900.c lib1901.c lib1902.c lib1903.c lib1905.c lib1906.c lib1907.c \
   lib1908.c           lib1910.c lib1911.c lib1912.c lib1913.c \

diff --git a/tests/libtest/lib1649.c b/tests/libtest/lib1649.c
new file mode 100644 (file)
index 0000000..2dd66c0
--- /dev/null
+++ b/tests/libtest/lib1649.c
@@ -0,0 +1,90 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at https://curl.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * SPDX-License-Identifier: curl
+ *
+ ***************************************************************************/
+
+#include "first.h"
+
+/* this is meant to pick up the proxy from the environment variable */
+static CURLcode init1649(CURL *curl, const char *url)
+{
+  CURLcode result = CURLE_OK;
+
+  res_easy_setopt(curl, CURLOPT_URL, url);
+  if(result)
+    goto init_failed;
+
+  res_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
+  if(result)
+    goto init_failed;
+
+  return CURLE_OK; /* success */
+
+init_failed:
+  return result; /* failure */
+}
+
+static CURLcode run1649(CURL *curl, const char *url)
+{
+  CURLcode result = CURLE_OK;
+
+  result = init1649(curl, url);
+  if(result)
+    return result;
+
+  return curl_easy_perform(curl);
+}
+
+static CURLcode test_lib1649(const char *URL)
+{
+  CURLcode result = CURLE_OK;
+  CURL *curl = NULL;
+
+  res_global_init(CURL_GLOBAL_ALL);
+  if(result)
+    return result;
+
+  curl = curl_easy_init();
+  if(!curl) {
+    curl_mfprintf(stderr, "curl_easy_init() failed\n");
+    curl_global_cleanup();
+    return TEST_ERR_MAJOR_BAD;
+  }
+
+  start_test_timing();
+
+  easy_setopt(curl, CURLOPT_REFERER, "https://secret.example.com/");
+
+  result = run1649(curl, URL);
+  if(result)
+    goto test_cleanup;
+
+  /* reset it */
+  easy_setopt(curl, CURLOPT_REFERER, NULL);
+
+  result = run1649(curl, URL);
+
+test_cleanup:
+  curl_easy_cleanup(curl);
+  curl_global_cleanup();
+  return result;
+}