From 32f27c5131ecffa4dba412c9f39ff3d3e2c21340 Mon Sep 17 00:00:00 2001
From: Raymond Hill <rhill@raymondhill.net>
Date: Wed, 16 Oct 2024 08:25:56 -0400
Subject: [PATCH] Ensure `urlskip=` redirects only to `https:`

---
 src/js/static-net-filtering.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/js/static-net-filtering.js b/src/js/static-net-filtering.js
index 0fb6dc5b8..6a2f6c9c3 100644
--- a/src/js/static-net-filtering.js
+++ b/src/js/static-net-filtering.js
@@ -5508,7 +5508,8 @@ function urlSkip(directive, url, steps) {
             // Unknown directive
             return;
         }
-        void new URL(urlout);
+        const urlfinal = new URL(urlout);
+        if ( urlfinal.protocol !== 'https:' ) { return; }
         return urlout;
     } catch(x) {
     }