[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] [PATCH] Trivial changes in HSTS
From: |
Tim Rühsen |
Subject: |
Re: [Bug-wget] [PATCH] Trivial changes in HSTS |
Date: |
Sun, 19 Jun 2016 15:49:57 +0200 |
User-agent: |
KMail/4.14.10 (Linux/4.6.0-1-amd64; KDE/4.14.20; x86_64; ; ) |
On Friday 17 June 2016 22:50:27 Gisle Vanem wrote:
> > +static bool
> > +hsts_file_access_valid (const char *filename)
> > +{
> > + struct_stat st;
> > +
> > + if (stat (filename, &st) == -1)
> > + return false;
> > +
> > + return !(st.st_mode & S_IWOTH) && S_ISREG (st.st_mode);
>
> Due to the above patch, the following output on Wget/Windows seems
> a bit paranoid; wget -d https://vortex.data.microsoft.com/collect/v1
> ...
> Reading HSTS entries from c:\Users\Gisle\AppData\Roaming/.wget-hsts
> Will not apply HSTS. The HSTS database must be a regular and
> non-world-writable file. ERROR: could not open HSTS store at
> 'c:\Users\Gisle\AppData\Roaming/.wget-hsts'. HSTS will be disabled.
>
> On Windows this file is *not* "world-writeable" AFAICS (and yes, it does
> exists). Hence this "paranoia" should be accounted for. I'm not so much
> into Posix, so I'll leave it to you experts to comment & patch.
The general problem is that no one tested the sources for 2,5 months on
Windows.
That shouts for using a Windows CI.
Is there someone able and willing to add such support, e.g. creating an
AppVeyor script (or even better Hydra support, they support GNU projects -
have to dig that up) ? Setting up a trigger on Github or Gitlab should be
straight forward.
Regards, Tim
signature.asc
Description: This is a digitally signed message part.