From: Jay Freeman (saurik) <saurik@saurik.com>
Date: Fri, 25 Feb 2011 19:37:57 +0000 (-0800)
Subject: Restrict the cydia JS object to HTTPS.
X-Git-Tag: v1.1.0%b1~180
X-Git-Url: https://git.saurik.com/cydia.git/commitdiff_plain/8804004f7cb57e6149ec75d6bb9badd0f22ecb6b?ds=inline

Restrict the cydia JS object to HTTPS.
---

diff --git a/MobileCydia.mm b/MobileCydia.mm
index f24459b3..1c700e51 100644
--- a/MobileCydia.mm
+++ b/MobileCydia.mm
@@ -4572,7 +4572,8 @@ static NSString *Warning_;
     NSURLResponse *response([source response]);
 
     NSURL *url([response URL]);
-    //NSString *scheme([url scheme]);
+
+    NSString *scheme([[url scheme] lowercaseString]);
     NSString *host([url host]);
 
     if ([response isKindOfClass:[NSHTTPURLResponse class]]) {
@@ -4581,8 +4582,9 @@ static NSString *Warning_;
         [self setHeaders:headers forHost:host];
     }
 
-    if ([CydiaHosts_ containsObject:host])
-        [window setValue:cydia_ forKey:@"cydia"];
+    if ([scheme isEqualToString:@"https"])
+        if ([CydiaHosts_ containsObject:host])
+            [window setValue:cydia_ forKey:@"cydia"];
 }
 
 - (NSURLRequest *) webView:(WebView *)view resource:(id)resource willSendRequest:(NSURLRequest *)request redirectResponse:(NSURLResponse *)response fromDataSource:(WebDataSource *)source {