From 9c7a58a8976ffe80d0a397f86c8e152698d4a07c Mon Sep 17 00:00:00 2001
From: Ivan Afonichev <iafonichev@griddynamics.com>
Date: Thu, 27 Jan 2022 22:29:53 +0400
Subject: [PATCH] Absolute redirect with '://' in URL param should be valid

Signed-off-by: Ivan Afonichev <ivan.afonichev@gmail.com>
---
 http.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/http.c b/http.c
index 4967f4ec..fc6538c1 100644
--- a/http.c
+++ b/http.c
@@ -657,6 +657,13 @@ int handle_redirect(struct openconnect_info *vpninfo)
 		vpninfo->redirect_url = NULL;
 
 		return 0;
+        } else if (vpninfo->redirect_url[0] == '/') {
+                /* Absolute redirect within same host */
+                free(vpninfo->urlpath);
+                vpninfo->urlpath = strdup(vpninfo->redirect_url + 1);
+                free(vpninfo->redirect_url);
+                vpninfo->redirect_url = NULL;
+                return 0;
 	} else if (strstr(vpninfo->redirect_url, "://")) {
 		vpn_progress(vpninfo, PRG_ERR,
 			     _("Cannot follow redirection to non-https URL '%s'\n"),
@@ -664,13 +671,6 @@ int handle_redirect(struct openconnect_info *vpninfo)
 		free(vpninfo->redirect_url);
 		vpninfo->redirect_url = NULL;
 		return -EINVAL;
-	} else if (vpninfo->redirect_url[0] == '/') {
-		/* Absolute redirect within same host */
-		free(vpninfo->urlpath);
-		vpninfo->urlpath = strdup(vpninfo->redirect_url + 1);
-		free(vpninfo->redirect_url);
-		vpninfo->redirect_url = NULL;
-		return 0;
 	} else {
 		char *lastslash = NULL;
 		if (vpninfo->urlpath)
-- 
2.50.1