Add force https mode

Implement an option to force all http urls to be upgraded to HTTPS,
similar to HTTPS-Only Mode in Firefox.

A http_force_https preference variable is provided as well as a menu
bar item to toggle this mode.

See: https://support.mozilla.org/en-US/kb/https-only-prefs

1 files changed, 18 insertions, 8 deletions

diff --git a/src/url.c b/src/url.c
index 4af7bef1..686a3b90 100644
--- a/src/url.c
+++ b/src/url.c
@@ -423,16 +423,26 @@ DilloUrl* a_Url_new(const char *url_str, const char *base_url)
    dFree(str1);
    dFree(str2);
 
-   /*
-    * A site's HTTP Strict Transport Security policy may direct us to transform
-    * URLs like "http://en.wikipedia.org:80" to "https://en.wikipedia.org:443".
-    */
-   if (prefs.http_strict_transport_security &&
-       url->scheme && !dStrAsciiCasecmp(url->scheme, "http") &&
-       a_Hsts_require_https(a_Url_hostname(url))) {
+   bool_t switch_to_https = FALSE;
+
+   if (url->scheme && !dStrAsciiCasecmp(url->scheme, "http")) {
+      /*
+       * A site's HTTP Strict Transport Security policy may direct us to transform
+       * URLs like "http://en.wikipedia.org:80" to "https://en.wikipedia.org:443".
+       */
+      if (prefs.http_strict_transport_security &&
+          a_Hsts_require_https(a_Url_hostname(url))) {
+         _MSG("url: HSTS transformation for %s.\n", url->url_string->str);
+         switch_to_https = TRUE;
+      } else if (prefs.http_force_https) {
+         _MSG("url: Force HTTPS transformation for %s.\n", url->url_string->str);
+         switch_to_https = TRUE;
+      }
+   }
+
+   if (switch_to_https) {
       const char *const scheme = "https";
 
-      _MSG("url: HSTS transformation for %s.\n", url->url_string->str);
       url->scheme = scheme;
       if (url->port == URL_HTTP_PORT)
          url->port = URL_HTTPS_PORT;