From 8945fa4f7e13cf6f3f3499de8c7ec02315326efc Mon Sep 17 00:00:00 2001
From: Solderpunk <solderpunk@sdf.org>
Date: Sat, 23 May 2020 12:53:20 +0200
Subject: [PATCH] Don't follow cross-domain redirects automatically.

---
 av98.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/av98.py b/av98.py
index ea5e5e7..5913aa7 100755
--- a/av98.py
+++ b/av98.py
@@ -413,6 +413,11 @@ Slow internet connection?  Use 'set timeout' to be more patient.""")
                 print("Error: caught in redirect loop!")
             elif len(self.previous_redirectors) == _MAX_REDIRECTS:
                 print("Error: refusing to follow more than %d consecutive redirects!" % _MAX_REDIRECTS)
+            # Never follow cross-domain redirects without asking
+            elif new_gi.host != gi.host:
+                follow = input("Follow cross-domain redirect to %s? (y/n) " % new_gi.url)
+                if follow.strip().lower() not in ("y", "yes"):
+                    return
             elif not self.options["auto_follow_redirects"]:
                 follow = input("Follow redirect to %s? (y/n) " % new_gi.url)
                 if follow.strip().lower() not in ("y", "yes"):