lib/httpx/connection.rb in httpx-0.19.8 vs lib/httpx/connection.rb in httpx-0.20.0
- old
+ new
@@ -100,12 +100,12 @@
# if there is more than one origin to match, it means that this connection
# was the result of coalescing. To prevent blind trust in the case where the
# origin came from an ORIGIN frame, we're going to verify the hostname with the
# SSL certificate
(@origins.size == 1 || @origin == uri.origin || (@io && @io.verify_hostname(uri.host)))
- ) || match_altsvcs?(uri)
- ) && @options == options
+ ) && @options == options
+ ) || (match_altsvcs?(uri) && match_altsvc_options?(uri, options))
end
def mergeable?(connection)
return false if @state == :closing || @state == :closed || !@io
@@ -158,9 +158,17 @@
@origins.any? { |origin| uri.altsvc_match?(origin) } ||
AltSvc.cached_altsvc(@origin).any? do |altsvc|
origin = altsvc["origin"]
origin.altsvc_match?(uri.origin)
end
+ end
+
+ def match_altsvc_options?(uri, options)
+ return @options == options unless @options.ssl[:hostname] == uri.host
+
+ dup_options = @options.merge(ssl: { hostname: nil })
+ dup_options.ssl.delete(:hostname)
+ dup_options == options
end
def connecting?
@state == :idle
end