mirror of
https://github.com/rkd77/elinks.git
synced 2025-02-02 15:09:23 -05:00
a83ff1f565
It seems GnuTLS is not as good at negotiating a supported protocol as OpenSSL is. ELinks tries to work around that by retrying with a different protocol if the SSL library reports an error. However, ELinks must not automatically retry POST requests where some data may have already reached the server; POST is not a safe method in HTTP. So instead, collect the name of the TLS-incapable server in a blacklist when ELinks e.g. loads an HTML form from it; the actual POST can then immediately use the protocol that worked. It's a bit ugly that src/network/socket.c now uses protocol/http/blacklist.h. It might be better to move the blacklist files out of the http directory, and perhaps merge them with the BitTorrent blacklisting code.