From 373171c5f8ab7bfd36ec555e9fa63403f553cdfa Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Sat, 12 Dec 2020 23:49:22 +0100
Subject: [PATCH] Make CGI_PREFIX protocol-relative when building with
 FEATURE_HTTPS_INSPECTION

This unbreaks (at least) https://config.privoxy.org/client-tags whose
buttons would previously use a http:// URL resulting in browser warnings.

Add and use new CGI_PREFIX_HTTP define in the one case we actually
need a http:// URL.
---
 cgi.c     | 2 +-
 project.h | 7 ++++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/cgi.c b/cgi.c
index 94f6875f..e03084e0 100644
--- a/cgi.c
+++ b/cgi.c
@@ -457,7 +457,7 @@ static int referrer_is_safe(const struct client_state *csp)
       log_error(LOG_LEVEL_ERROR, "Denying access to %s. No referrer found.",
          csp->http->url);
    }
-   else if ((0 == strncmp(referrer, CGI_PREFIX, sizeof(CGI_PREFIX)-1))
+   else if ((0 == strncmp(referrer, CGI_PREFIX_HTTP, sizeof(CGI_PREFIX_HTTP)-1))
 #ifdef FEATURE_HTTPS_INSPECTION
          || (0 == strncmp(referrer, CGI_PREFIX_HTTPS, sizeof(CGI_PREFIX_HTTPS)-1))
          || (0 == strncmp(referrer, alt_prefix_https, strlen(alt_prefix_https)))
diff --git a/project.h b/project.h
index ec3c1559..e07c7616 100644
--- a/project.h
+++ b/project.h
@@ -1645,8 +1645,13 @@ struct configuration_spec
  * The prefix for CGI pages.  Written out in generated HTML.
  * INCLUDES the trailing slash.
  */
+#ifdef FEATURE_HTTPS_INSPECTION
+#define CGI_PREFIX  "//" CGI_SITE_2_HOST CGI_SITE_2_PATH "/"
+#define CGI_PREFIX_HTTPS "https:" CGI_PREFIX
+#else
 #define CGI_PREFIX  "http://" CGI_SITE_2_HOST CGI_SITE_2_PATH "/"
-#define CGI_PREFIX_HTTPS "https://" CGI_SITE_2_HOST CGI_SITE_2_PATH "/"
+#endif
+#define CGI_PREFIX_HTTP  "http://" CGI_SITE_2_HOST CGI_SITE_2_PATH "/"
 
 #endif /* ndef PROJECT_H_INCLUDED */
 
-- 
2.39.2