From 5014da42fc726b68b62d7864806ec12fd06c5d5f Mon Sep 17 00:00:00 2001 From: Sam Gibson Date: Sun, 19 Jul 2015 14:34:01 +1000 Subject: [PATCH] Only secure URL's that aren't already to HTTPS. Cuts down on logger spam, and unnecessary Url::clone's --- components/net/http_loader.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/net/http_loader.rs b/components/net/http_loader.rs index 4c417bcad3a..bfb4dbfb94a 100644 --- a/components/net/http_loader.rs +++ b/components/net/http_loader.rs @@ -118,7 +118,7 @@ fn load(mut load_data: LoadData, loop { iters = iters + 1; - if request_must_be_secured(&hsts_list.lock().unwrap(), &url) { + if &*url.scheme != "https" && request_must_be_secured(&hsts_list.lock().unwrap(), &url) { info!("{} is in the strict transport security list, requesting secure host", url); url = secure_url(&url); }