diff options
author | Daniel Stenberg <daniel@haxx.se> | 2017-11-14 23:49:06 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2017-11-14 23:49:06 +0100 |
commit | a9f669896f60864cb2e3c1e4bb292b4c749eb6d1 (patch) | |
tree | b7b629fb2c2bb976ba8a23cb7941b1f4a34b1129 | |
parent | 964d47e7f01777887f8af3b49de35a88ed836a67 (diff) |
TODO: ignore private IP addresses in PASV response
Closes #1455
-rw-r--r-- | docs/TODO | 21 |
1 files changed, 14 insertions, 7 deletions
@@ -56,6 +56,7 @@ 4.5 ASCII support 4.6 GSSAPI via Windows SSPI 4.7 STAT for LIST without data connection + 4.8 Option to ignore private IP addresses in PASV response 5. HTTP 5.1 Better persistency for HTTP 1.0 @@ -448,17 +449,23 @@ 4.6 GSSAPI via Windows SSPI -In addition to currently supporting the SASL GSSAPI mechanism (Kerberos V5) -via third-party GSS-API libraries, such as Heimdal or MIT Kerberos, also add -support for GSSAPI authentication via Windows SSPI. + In addition to currently supporting the SASL GSSAPI mechanism (Kerberos V5) + via third-party GSS-API libraries, such as Heimdal or MIT Kerberos, also add + support for GSSAPI authentication via Windows SSPI. 4.7 STAT for LIST without data connection -Some FTP servers allow STAT for listing directories instead of using LIST, and -the response is then sent over the control connection instead of as the -otherwise usedw data connection: http://www.nsftools.com/tips/RawFTP.htm#STAT + Some FTP servers allow STAT for listing directories instead of using LIST, + and the response is then sent over the control connection instead of as the + otherwise usedw data connection: http://www.nsftools.com/tips/RawFTP.htm#STAT -This is not detailed in any FTP specification. + This is not detailed in any FTP specification. + +4.8 Option to ignore private IP addresses in PASV response + + Some servers respond with and some other FTP client implementations can + ignore private (RFC 1918 style) IP addresses when received in PASV responses. + To consider for libcurl as well. See https://github.com/curl/curl/issues/1455 5. HTTP |