Infinite Redirection problem · Issue #12 · moxie0/sslstrip · GitHub
Infinite Redirection problem #12
Open
@echelonh

Hi there!

While using sslstrip, I encountered a rather small but crucial issue of infinite redirections.

Some links get redirected to "http://www.evil.com" while others might redirect to "http://www.evil.com/". A small difference, but an important one.

Since the '/' char is sometimes missing, the function "addSecureLink" cannot really find the index of "pathIndex", hence its value is set to -1 and "path" turns out to be the full URL ("http://www.evil.com").

The problem comes up next when ClientRequest uses UrlMonitor's "IsSecureLink" to decide how to treat the HTTP Request. "handleHostResolvedSuccess" passes the url to "IsSecureLink" with a '/' char (I didn't find out the reason exactly, but it does), and so the check if "(client, url) in self.strippedURLs" fails since
http://www.evil.com != http://www.evil.com/

This might lead to all sorts of unexpected behaviors, in my case - an infinite redirection.

I fixed this bug by checking for pathIndex value, and adding a '/' if necessary. Hopefully this bug will be fixed in the master branch as well :).

Thank you, Moxie, for this tool :)!
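
A simplified model of the lookup mismatch described in the post above, added here as an illustration and not taken from sslstrip's code. `split_url`, `LinkTracker`, `lookup_after_add` and the client address are hypothetical names and constructed values; the fix shown is the one the post describes (check the path index and add a '/' when it is missing).

```python
CLIENT = "192.0.2.10"  # constructed client address (documentation range)


def split_url(url, fix_missing_path):
    """Split 'scheme://host[/path]' with str.find, as the post describes."""
    method_index = url.find("//") + 2
    path_index = url.find("/", method_index)  # -1 when the URL has no path
    if path_index == -1 and fix_missing_path:
        # The fix from the post: check the index and add the missing '/'.
        url += "/"
        path_index = len(url) - 1
    # With an unchecked -1 the slices below are wrong (the host loses its
    # last character), yet the pieces still rejoin to the slash-less URL.
    return url[:method_index], url[method_index:path_index], url[path_index:]


class LinkTracker:
    """Hypothetical stand-in for a set of (client, url) pairs."""

    def __init__(self, fix_missing_path):
        self.fix_missing_path = fix_missing_path
        self.seen = set()

    def add(self, client, url):
        method, host, path = split_url(url, self.fix_missing_path)
        self.seen.add((client, method + host + path))

    def contains(self, client, url):
        # Exact string comparison: 'http://host' and 'http://host/' differ.
        return (client, url) in self.seen


def lookup_after_add(fix_missing_path, stored, requested):
    """Record `stored`, then report whether `requested` is found."""
    tracker = LinkTracker(fix_missing_path)
    tracker.add(CLIENT, stored)
    return tracker.contains(CLIENT, requested)


if __name__ == "__main__":
    stored, requested = "http://www.evil.com", "http://www.evil.com/"
    print("unchecked index:", lookup_after_add(False, stored, requested))
    print("with '/' added: ", lookup_after_add(True, stored, requested))
```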
