5.6 Refuse "downgrade" redirects

author: Daniel Stenberg <daniel@haxx.se> 2015-05-31 00:39:19 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2015-05-31 00:39:19 +0200
commit: 4e7c3c12d32ad3e8d939dfd2fcd7fca84d42cd9c (patch)
tree: 502f34bd72f5729e493ca436c41fe00aeca6a70f
parent: 9a0a16a61c3adf56bdf80a774677b311ef27d376 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/docs/TODO b/docs/TODO
index 0ffa8df81..7791ea291 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -49,6 +49,7 @@
  5.3 Rearrange request header order
  5.4 SPDY
  5.5 auth= in URLs
+ 5.6 Refuse "downgrade" redirects
 
  6. TELNET
  6.1 ditch stdin
@@ -348,6 +349,14 @@ This is not detailed in any FTP specification.
 
  Additionally this should be implemented for proxy base URLs as well.
 
+5.6 Refuse "downgrade" redirects
+
+ See https://github.com/bagder/curl/issues/226
+
+ Consider a way to tell curl to refuse to "downgrade" protocol with a redirect
+ and/or possibly a bit that refuses redirect to change protocol completely.
+
+
 6. TELNET
 
 6.1 ditch stdin
author	Daniel Stenberg <daniel@haxx.se>	2015-05-31 00:39:19 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2015-05-31 00:39:19 +0200
commit	4e7c3c12d32ad3e8d939dfd2fcd7fca84d42cd9c (patch)
tree	502f34bd72f5729e493ca436c41fe00aeca6a70f
parent	9a0a16a61c3adf56bdf80a774677b311ef27d376 (diff)