[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] [PATCH] Trivial changes in HSTS

From: Gisle Vanem
Subject: Re: [Bug-wget] [PATCH] Trivial changes in HSTS
Date: Fri, 17 Jun 2016 22:50:27 +0200
User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.1.1

> +static bool
> +hsts_file_access_valid (const char *filename)
> +{
> +  struct_stat st;
> +
> +  if (stat (filename, &st) == -1)
> +    return false;
> +
> +  return !(st.st_mode & S_IWOTH) && S_ISREG (st.st_mode);

Due to the above patch, the following output on Wget/Windows seems
a bit paranoid; wget -d https://vortex.data.microsoft.com/collect/v1
  Reading HSTS entries from c:\Users\Gisle\AppData\Roaming/.wget-hsts
  Will not apply HSTS. The HSTS database must be a regular and 
non-world-writable file.
  ERROR: could not open HSTS store at 
'c:\Users\Gisle\AppData\Roaming/.wget-hsts'. HSTS will be disabled.

On Windows this file is *not* "world-writeable" AFAICS (and yes, it does 
Hence this "paranoia" should be accounted for. I'm not so much into Posix,
so I'll leave it to you experts to comment & patch.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]