Proxy improvements

Verify domain name against the request and now against the original URL.

HTTP proxy overrides the default handling of HTTP URLs.

2 files changed, 3 insertions, 2 deletions

diff --git a/src/app.c b/src/app.c
index f000108d..dc61c103 100644
--- a/src/app.c
+++ b/src/app.c
@@ -667,7 +667,8 @@ iBool handleCommand_App(const char *cmd) {
         const iString *url = collectNewCStr_String(suffixPtr_Command(cmd, "url"));
         iUrl parts;
         init_Url(&parts, url);
-        if (equalCase_Rangecc(parts.scheme, "http") || equalCase_Rangecc(parts.scheme, "https")) {
+        if (isEmpty_String(&d->httpProxy) &&
+            (equalCase_Rangecc(parts.scheme, "http") || equalCase_Rangecc(parts.scheme, "https"))) {
             openInDefaultBrowser_App(url);
             return iTrue;
         }
diff --git a/src/gmrequest.c b/src/gmrequest.c
index 24732650..137e8303 100644
--- a/src/gmrequest.c
+++ b/src/gmrequest.c
@@ -194,7 +194,7 @@ static void checkServerCertificate_GmRequest_(iGmRequest *d) {
     const iTlsCertificate *cert = serverCertificate_TlsRequest(d->req);
     d->resp.certFlags = 0;
     if (cert) {
-        const iRangecc domain = urlHost_String(&d->url);
+        const iRangecc domain = range_String(hostName_Address(address_TlsRequest(d->req)));
         d->resp.certFlags |= available_GmCertFlag;
         if (!isExpired_TlsCertificate(cert)) {
             d->resp.certFlags |= timeVerified_GmCertFlag;