diff options
author | Daniel Stenberg <daniel@haxx.se> | 2016-02-02 00:24:30 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2016-02-02 00:24:30 +0100 |
commit | 6b485c7407fdfab34e47df9ad75f4ad5d84f0e34 (patch) | |
tree | 20eb068e42f6cd90d04a84f827a71ed10f4fdd5f | |
parent | 7a8a7ca7b01d3e37467cf3779df67f1e852541f9 (diff) |
HTTPS: update a bunch of URLs from HTTP to HTTPS
-rw-r--r-- | CONTRIBUTING.md | 4 | ||||
-rw-r--r-- | README | 4 | ||||
-rw-r--r-- | docs/BINDINGS | 4 | ||||
-rw-r--r-- | docs/BUGS | 2 | ||||
-rw-r--r-- | docs/CONTRIBUTE | 4 | ||||
-rw-r--r-- | docs/FAQ | 16 | ||||
-rw-r--r-- | docs/HTTP-COOKIES | 4 | ||||
-rw-r--r-- | docs/INTERNALS | 24 | ||||
-rw-r--r-- | docs/KNOWN_BUGS | 64 | ||||
-rw-r--r-- | docs/LICENSE-MIXING | 2 | ||||
-rw-r--r-- | docs/MAIL-ETIQUETTE | 2 | ||||
-rw-r--r-- | docs/MANUAL | 6 | ||||
-rw-r--r-- | docs/RESOURCES | 2 | ||||
-rw-r--r-- | docs/SECURITY | 2 | ||||
-rw-r--r-- | docs/SSL-PROBLEMS | 4 | ||||
-rw-r--r-- | docs/SSLCERTS | 2 | ||||
-rw-r--r-- | docs/TODO | 20 | ||||
-rw-r--r-- | docs/TheArtOfHttpScripting | 8 | ||||
-rw-r--r-- | docs/curl.1 | 8 | ||||
-rw-r--r-- | docs/libcurl/libcurl-thread.3 | 4 |
20 files changed, 93 insertions, 93 deletions
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index f0a6771ec..33d5cae37 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -6,7 +6,7 @@ Join the community 1. Click 'watch' on the github repo - 2. Subscribe to the suitable [mailing lists](http://curl.haxx.se/mail/) + 2. Subscribe to the suitable [mailing lists](https://curl.haxx.se/mail/) Read [docs/CONTRIBUTE](docs/CONTRIBUTE) --------------------------------------- @@ -19,7 +19,7 @@ Send your suggestions using one of these methods: 2. as a pull request on github 3. as an issue on github - + / The cURL team! @@ -24,7 +24,7 @@ README CONTACT If you have problems, questions, ideas or suggestions, please contact us - by posting to a suitable mailing list. See http://curl.haxx.se/mail/ + by posting to a suitable mailing list. See https://curl.haxx.se/mail/ All contributors to the project are listed in the THANKS document. @@ -32,7 +32,7 @@ WEB SITE Visit the curl web site for the latest news and downloads: - http://curl.haxx.se/ + https://curl.haxx.se/ GIT diff --git a/docs/BINDINGS b/docs/BINDINGS index fed16e990..eb67c3d6b 100644 --- a/docs/BINDINGS +++ b/docs/BINDINGS @@ -27,7 +27,7 @@ Basic C libcurl is a C library in itself! - http://curl.haxx.se/libcurl/ + https://curl.haxx.se/libcurl/ C++ @@ -184,7 +184,7 @@ Rexx RPG Support for ILE/RPG on OS/400 is included in source distribution - http://curl.haxx.se/libcurl/ + https://curl.haxx.se/libcurl/ See packages/OS400/README.OS400 and packages/OS400/curl.inc.in Ruby @@ -40,7 +40,7 @@ BUGS Please read the rest of this document below first before doing that! If you feel you need to ask around first, find a suitable mailing list and - post there. The lists are available on http://curl.haxx.se/mail/ + post there. The lists are available on https://curl.haxx.se/mail/ 1.3 What to report diff --git a/docs/CONTRIBUTE b/docs/CONTRIBUTE index c6ea9773f..02244e686 100644 --- a/docs/CONTRIBUTE +++ b/docs/CONTRIBUTE @@ -42,13 +42,13 @@ 1.1 Join the Community - Skip over to http://curl.haxx.se/mail/ and join the appropriate mailing + Skip over to https://curl.haxx.se/mail/ and join the appropriate mailing list(s). Read up on details before you post questions. Read this file before you start sending patches! We prefer patches and discussions being held on the mailing list(s), not sent to individuals. Before posting to one of the curl mailing lists, please read up on the mailing - list etiquette: http://curl.haxx.se/mail/etiquette.html + list etiquette: https://curl.haxx.se/mail/etiquette.html We also hang out on IRC in #curl on irc.freenode.net @@ -281,7 +281,7 @@ FAQ Please do not mail any single individual unless you really need to. Keep curl-related questions on a suitable mailing list. All available mailing lists are listed in the MANUAL document and online at - http://curl.haxx.se/mail/ + https://curl.haxx.se/mail/ Keeping curl-related questions and discussions on mailing lists allows others to join in and help, to share their ideas, contribute their @@ -302,7 +302,7 @@ FAQ your curl-related problems. We list available alternatives on the curl web site: - http://curl.haxx.se/support.html + https://curl.haxx.se/support.html 1.10 How many are using curl? @@ -341,7 +341,7 @@ FAQ If you want the most recent collection of ca certs that Mozilla Firefox uses, we recommend that you extract the collection yourself from Mozilla Firefox (by running 'make ca-bundle), or by using our online service setup - for this purpose: http://curl.haxx.se/docs/caextract.html + for this purpose: https://curl.haxx.se/docs/caextract.html 1.12 I have a problem who can I chat with? @@ -449,7 +449,7 @@ FAQ GnuTLS, yassl, NSS, PolarSSL, axTLS, Secure Transport (native iOS/OS X), WinSSL (native Windows) or GSKit (native IBM i). They all have their pros and cons, and we try to maintain a comparison of them here: - http://curl.haxx.se/docs/ssl-compared.html + https://curl.haxx.se/docs/ssl-compared.html 2.3 Where can I find a copy of LIBEAY32.DLL? @@ -561,7 +561,7 @@ FAQ Find out more about which languages that support curl directly, and how to install and use them, in the libcurl section of the curl web site: - http://curl.haxx.se/libcurl/ + https://curl.haxx.se/libcurl/ All the various bindings to libcurl are made by other projects and people, outside of the cURL project. The cURL project itself only produces libcurl @@ -694,7 +694,7 @@ FAQ certificate. Server certificate verification is enabled by default in curl and libcurl and is often the reason for problems as explained in FAQ entry 4.12 and the SSLCERTS document - (http://curl.haxx.se/docs/sslcerts.html). Server certificates that are + (https://curl.haxx.se/docs/sslcerts.html). Server certificates that are "self-signed" or otherwise signed by a CA that you do not have a CA cert for, cannot be verified. If the verification during a connect fails, you are refused access. You then need to explicitly disable the verification to @@ -985,7 +985,7 @@ FAQ this check. Details are also in the SSLCERTS file in the release archives, found online - here: http://curl.haxx.se/docs/sslcerts.html + here: https://curl.haxx.se/docs/sslcerts.html 4.13 Why is curl -R on Windows one hour off? @@ -1521,7 +1521,7 @@ FAQ notice" somewhere. Most probably like in the documentation or in the section where other third party dependencies already are mentioned and acknowledged. - As can be seen here: http://curl.haxx.se/docs/companies.html and elsewhere, + As can be seen here: https://curl.haxx.se/docs/companies.html and elsewhere, more and more companies are discovering the power of libcurl and take advantage of it even in commercial environments. diff --git a/docs/HTTP-COOKIES b/docs/HTTP-COOKIES index b5abddfa6..0e43ba760 100644 --- a/docs/HTTP-COOKIES +++ b/docs/HTTP-COOKIES @@ -1,4 +1,4 @@ -Updated: July 3, 2012 (http://curl.haxx.se/docs/http-cookies.html) +Updated: July 3, 2012 (https://curl.haxx.se/docs/http-cookies.html) _ _ ____ _ ___| | | | _ \| | / __| | | | |_) | | @@ -34,7 +34,7 @@ HTTP Cookies servers with the Cookie: header. For a very long time, the only spec explaining how to use cookies was the - original Netscape spec from 1994: http://curl.haxx.se/rfc/cookie_spec.html + original Netscape spec from 1994: https://curl.haxx.se/rfc/cookie_spec.html In 2011, RFC6265 (https://www.ietf.org/rfc/rfc6265.txt) was finally published and details how cookies work within HTTP. diff --git a/docs/INTERNALS b/docs/INTERNALS index 4cd63b4e2..698d66ec4 100644 --- a/docs/INTERNALS +++ b/docs/INTERNALS @@ -1079,17 +1079,17 @@ for older and later versions as things don't change drastically that often. the share API. -[1]: http://curl.haxx.se/libcurl/c/curl_easy_setopt.html -[2]: http://curl.haxx.se/libcurl/c/curl_easy_init.html +[1]: https://curl.haxx.se/libcurl/c/curl_easy_setopt.html +[2]: https://curl.haxx.se/libcurl/c/curl_easy_init.html [3]: http://c-ares.haxx.se/ [4]: https://tools.ietf.org/html/rfc7230 "RFC 7230" -[5]: http://curl.haxx.se/libcurl/c/CURLOPT_ACCEPT_ENCODING.html -[6]: http://curl.haxx.se/docs/manpage.html#--compressed -[7]: http://curl.haxx.se/libcurl/c/curl_multi_socket_action.html -[8]: http://curl.haxx.se/libcurl/c/curl_multi_timeout.html -[9]: http://curl.haxx.se/libcurl/c/curl_multi_setopt.html -[10]: http://curl.haxx.se/libcurl/c/CURLMOPT_TIMERFUNCTION.html -[11]: http://curl.haxx.se/libcurl/c/curl_multi_perform.html -[12]: http://curl.haxx.se/libcurl/c/curl_multi_fdset.html -[13]: http://curl.haxx.se/libcurl/c/curl_multi_add_handle.html -[14]: http://curl.haxx.se/libcurl/c/curl_multi_info_read.html +[5]: https://curl.haxx.se/libcurl/c/CURLOPT_ACCEPT_ENCODING.html +[6]: https://curl.haxx.se/docs/manpage.html#--compressed +[7]: https://curl.haxx.se/libcurl/c/curl_multi_socket_action.html +[8]: https://curl.haxx.se/libcurl/c/curl_multi_timeout.html +[9]: https://curl.haxx.se/libcurl/c/curl_multi_setopt.html +[10]: https://curl.haxx.se/libcurl/c/CURLMOPT_TIMERFUNCTION.html +[11]: https://curl.haxx.se/libcurl/c/curl_multi_perform.html +[12]: https://curl.haxx.se/libcurl/c/curl_multi_fdset.html +[13]: https://curl.haxx.se/libcurl/c/curl_multi_add_handle.html +[14]: https://curl.haxx.se/libcurl/c/curl_multi_info_read.html diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS index 77ad95f10..c23e15e7a 100644 --- a/docs/KNOWN_BUGS +++ b/docs/KNOWN_BUGS @@ -10,10 +10,10 @@ may have been fixed since this was written! code reveals that pingpong.c contains some truncation code, at line 408, when it deems the server response to be too large truncating it to 40 characters" - http://curl.haxx.se/bug/view.cgi?id=1366 + https://curl.haxx.se/bug/view.cgi?id=1366 89. Disabling HTTP Pipelining when there are ongoing transfers can lead to - heap corruption and crash. http://curl.haxx.se/bug/view.cgi?id=1411 + heap corruption and crash. https://curl.haxx.se/bug/view.cgi?id=1411 88. libcurl doesn't support CURLINFO_FILETIME for SFTP transfers and thus curl's -R option also doesn't work then. @@ -24,7 +24,7 @@ may have been fixed since this was written! mention that decoding also means that we need to check for nastiness that is attempted, like "../" sequences and the like. Probably everything to the left of any embedded slashes should be cut off. - http://curl.haxx.se/bug/view.cgi?id=1294 + https://curl.haxx.se/bug/view.cgi?id=1294 86. The disconnect commands (LOGOUT and QUIT) may not be sent by IMAP, POP3 and SMTP if a failure occurs during the authentication phase of a @@ -36,7 +36,7 @@ may have been fixed since this was written! CURLINFO_STARTTRANSFER_TIME minus CURLINFO_PRETRANSFER_TIME is near to zero every time. https://github.com/bagder/curl/issues/218 - http://curl.haxx.se/bug/view.cgi?id=1213 + https://curl.haxx.se/bug/view.cgi?id=1213 84. CURLINFO_SSL_VERIFYRESULT is only implemented for the OpenSSL and NSS backends, so relying on this information in a generic app is flaky. @@ -44,48 +44,48 @@ may have been fixed since this was written! 82. When building with the Windows Borland compiler, it fails because the "tlib" tool doesn't support hyphens (minus signs) in file names and we have such in the build. - http://curl.haxx.se/bug/view.cgi?id=1222 + https://curl.haxx.se/bug/view.cgi?id=1222 81. When using -J (with -O), automatically resumed downloading together with "-C -" fails. Without -J the same command line works! This happens because the resume logic is worked out before the target file name (and thus its pre-transfer size) has been figured out! - http://curl.haxx.se/bug/view.cgi?id=1169 + https://curl.haxx.se/bug/view.cgi?id=1169 80. Curl doesn't recognize certificates in DER format in keychain, but it works with PEM. - http://curl.haxx.se/bug/view.cgi?id=1065 + https://curl.haxx.se/bug/view.cgi?id=1065 79. SMTP. When sending data to multiple recipients, curl will abort and return failure if one of the recipients indicate failure (on the "RCPT TO" command). Ordinary mail programs would proceed and still send to the ones that can receive data. This is subject for change in the future. - http://curl.haxx.se/bug/view.cgi?id=1116 + https://curl.haxx.se/bug/view.cgi?id=1116 75. NTLM authentication involving unicode user name or password only works properly if built with UNICODE defined together with the WinSSL/schannel backend. The original problem was mentioned in: - http://curl.haxx.se/mail/lib-2009-10/0024.html - http://curl.haxx.se/bug/view.cgi?id=896 + https://curl.haxx.se/mail/lib-2009-10/0024.html + https://curl.haxx.se/bug/view.cgi?id=896 The WinSSL/schannel version verified to work as mentioned in - http://curl.haxx.se/mail/lib-2012-07/0073.html + https://curl.haxx.se/mail/lib-2012-07/0073.html 73. if a connection is made to a FTP server but the server then just never sends the 220 response or otherwise is dead slow, libcurl will not acknowledge the connection timeout during that phase but only the "real" timeout - which may surprise users as it is probably considered to be the connect phase to most people. Brought up (and is being misunderstood) in: - http://curl.haxx.se/bug/view.cgi?id=856 + https://curl.haxx.se/bug/view.cgi?id=856 72. "Pausing pipeline problems." - http://curl.haxx.se/mail/lib-2009-07/0214.html + https://curl.haxx.se/mail/lib-2009-07/0214.html 70. Problem re-using easy handle after call to curl_multi_remove_handle - http://curl.haxx.se/mail/lib-2009-07/0249.html + https://curl.haxx.se/mail/lib-2009-07/0249.html 68. "More questions about ares behavior". - http://curl.haxx.se/mail/lib-2009-08/0012.html + https://curl.haxx.se/mail/lib-2009-08/0012.html 67. When creating multipart formposts. The file name part can be encoded with something beyond ascii but currently libcurl will only pass in the verbatim @@ -94,7 +94,7 @@ may have been fixed since this was written! https://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02 66. When using telnet, the time limitation options don't work. - http://curl.haxx.se/bug/view.cgi?id=846 + https://curl.haxx.se/bug/view.cgi?id=846 65. When doing FTP over a socks proxy or CONNECT through HTTP proxy and the multi interface is used, libcurl will fail if the (passive) TCP connection @@ -105,27 +105,27 @@ may have been fixed since this was written! 63. When CURLOPT_CONNECT_ONLY is used, the handle cannot reliably be re-used for any further requests or transfers. The work-around is then to close that handle with curl_easy_cleanup() and create a new. Some more details: - http://curl.haxx.se/mail/lib-2009-04/0300.html + https://curl.haxx.se/mail/lib-2009-04/0300.html 61. If an upload using Expect: 100-continue receives an HTTP 417 response, it ought to be automatically resent without the Expect:. A workaround is for the client application to redo the transfer after disabling Expect:. - http://curl.haxx.se/mail/archive-2008-02/0043.html + https://curl.haxx.se/mail/archive-2008-02/0043.html 60. libcurl closes the connection if an HTTP 401 reply is received while it is waiting for the the 100-continue response. - http://curl.haxx.se/mail/lib-2008-08/0462.html + https://curl.haxx.se/mail/lib-2008-08/0462.html 58. It seems sensible to be able to use CURLOPT_NOBODY and CURLOPT_FAILONERROR with FTP to detect if a file exists or not, but it is - not working: http://curl.haxx.se/mail/lib-2008-07/0295.html + not working: https://curl.haxx.se/mail/lib-2008-07/0295.html 56. When libcurl sends CURLOPT_POSTQUOTE commands when connected to a SFTP server using the multi interface, the commands are not being sent correctly and instead the connection is "cancelled" (the operation is considered done) prematurely. There is a half-baked (busy-looping) patch provided in the bug report but it cannot be accepted as-is. See - http://curl.haxx.se/bug/view.cgi?id=748 + https://curl.haxx.se/bug/view.cgi?id=748 55. libcurl fails to build with MIT Kerberos for Windows (KfW) due to KfW's library header files exporting symbols/macros that should be kept private @@ -134,13 +134,13 @@ may have been fixed since this was written! 52. Gautam Kachroo's issue that identifies a problem with the multi interface where a connection can be re-used without actually being properly SSL-negotiated: - http://curl.haxx.se/mail/lib-2008-01/0277.html + https://curl.haxx.se/mail/lib-2008-01/0277.html 49. If using --retry and the transfer timeouts (possibly due to using -m or -y/-Y) the next attempt doesn't resume the transfer properly from what was downloaded in the previous attempt but will truncate and restart at the original position where it was at before the previous failed attempt. See - http://curl.haxx.se/mail/lib-2008-01/0080.html and Mandriva bug report + https://curl.haxx.se/mail/lib-2008-01/0080.html and Mandriva bug report https://qa.mandriva.com/show_bug.cgi?id=22565 48. If a CONNECT response-headers are larger than BUFSIZE (16KB) when the @@ -149,25 +149,25 @@ may have been fixed since this was written! protocol code. This should be very rare. 43. There seems to be a problem when connecting to the Microsoft telnet server. - http://curl.haxx.se/bug/view.cgi?id=649 + https://curl.haxx.se/bug/view.cgi?id=649 41. When doing an operation over FTP that requires the ACCT command (but not when logging in), the operation will fail since libcurl doesn't detect this and thus fails to issue the correct command: - http://curl.haxx.se/bug/view.cgi?id=635 + https://curl.haxx.se/bug/view.cgi?id=635 39. Steffen Rumler's Race Condition in Curl_proxyCONNECT: - http://curl.haxx.se/mail/lib-2007-01/0045.html + https://curl.haxx.se/mail/lib-2007-01/0045.html 38. Kumar Swamy Bhatt's problem in ftp/ssl "LIST" operation: - http://curl.haxx.se/mail/lib-2007-01/0103.html + https://curl.haxx.se/mail/lib-2007-01/0103.html 35. Both SOCKS5 and SOCKS4 proxy connections are done blocking, which is very bad when used with the multi interface. 34. The SOCKS4 connection codes don't properly acknowledge (connect) timeouts. Also see #12. According to bug #1556528, even the SOCKS5 connect code does - not do it right: http://curl.haxx.se/bug/view.cgi?id=604 + not do it right: https://curl.haxx.se/bug/view.cgi?id=604 31. "curl-config --libs" will include details set in LDFLAGS when configure is run that might be needed only for building libcurl. Further, curl-config @@ -175,7 +175,7 @@ may have been fixed since this was written! 26. NTLM authentication using SSPI (on Windows) when (lib)curl is running in "system context" will make it use wrong(?) user name - at least when compared - to what winhttp does. See http://curl.haxx.se/bug/view.cgi?id=535 + to what winhttp does. See https://curl.haxx.se/bug/view.cgi?id=535 23. SOCKS-related problems: B) libcurl doesn't support FTPS over a SOCKS proxy. @@ -221,8 +221,8 @@ may have been fixed since this was written! 10. To get HTTP Negotiate (SPNEGO) authentication to work fine, you need to provide a (fake) user name (this concerns both curl and the lib) because the code wrongly only considers authentication if there's a user name provided. - http://curl.haxx.se/bug/view.cgi?id=440 How? - http://curl.haxx.se/mail/lib-2004-08/0182.html + https://curl.haxx.se/bug/view.cgi?id=440 How? + https://curl.haxx.se/mail/lib-2004-08/0182.html 8. Doing resumed upload over HTTP does not work with '-C -', because curl doesn't do a HEAD first to get the initial size. This needs to be done @@ -238,4 +238,4 @@ may have been fixed since this was written! 5. libcurl doesn't treat the content-length of compressed data properly, as it seems HTTP servers send the *uncompressed* length in that header and libcurl thinks of it as the *compressed* length. Some explanations are here: - http://curl.haxx.se/mail/lib-2003-06/0146.html + https://curl.haxx.se/mail/lib-2003-06/0146.html diff --git a/docs/LICENSE-MIXING b/docs/LICENSE-MIXING index ccb6ada32..e9a57bfa0 100644 --- a/docs/LICENSE-MIXING +++ b/docs/LICENSE-MIXING @@ -18,7 +18,7 @@ accompany your license with an exception[2]. This particular problem was addressed when the Modified BSD license was created, which does not have the announcement clause that collides with GPL. -libcurl http://curl.haxx.se/docs/copyright.html +libcurl https://curl.haxx.se/docs/copyright.html Uses an MIT (or Modified BSD)-style license that is as liberal as possible. diff --git a/docs/MAIL-ETIQUETTE b/docs/MAIL-ETIQUETTE index b6c0f4521..75058009e 100644 --- a/docs/MAIL-ETIQUETTE +++ b/docs/MAIL-ETIQUETTE @@ -33,7 +33,7 @@ MAIL ETIQUETTE 1.1 Mailing Lists The mailing lists we have are all listed and described at - http://curl.haxx.se/mail/ + https://curl.haxx.se/mail/ Each mailing list is targeted to a specific set of users and subjects, please use the one or the ones that suit you the most. diff --git a/docs/MANUAL b/docs/MANUAL index fb349485f..08fdb57ae 100644 --- a/docs/MANUAL +++ b/docs/MANUAL @@ -3,7 +3,7 @@ LATEST VERSION You always find news about what's going on as well as the latest versions from the curl web pages, located at: - http://curl.haxx.se + https://curl.haxx.se SIMPLE USAGE @@ -824,7 +824,7 @@ LDAP Working with LDAP URLs": http://developer.netscape.com/docs/manuals/dirsdk/csdk30/url.htm - RFC 2255, "The LDAP URL Format" http://curl.haxx.se/rfc/rfc2255.txt + RFC 2255, "The LDAP URL Format" https://curl.haxx.se/rfc/rfc2255.txt To show you an example, this is how I can get all people from my local LDAP server that has a certain sub-domain in their email address: @@ -1011,7 +1011,7 @@ MAILING LISTS For your convenience, we have several open mailing lists to discuss curl, its development and things relevant to this. Get all info at - http://curl.haxx.se/mail/. Some of the lists available are: + https://curl.haxx.se/mail/. Some of the lists available are: curl-users diff --git a/docs/RESOURCES b/docs/RESOURCES index 760e75975..1ad8aac31 100644 --- a/docs/RESOURCES +++ b/docs/RESOURCES @@ -36,7 +36,7 @@ This document lists documents and standards used by curl. RFC 2109 - HTTP State Management Mechanism (cookie stuff) - Also, read Netscape's specification at - http://curl.haxx.se/rfc/cookie_spec.html + https://curl.haxx.se/rfc/cookie_spec.html RFC 2183 - The Content-Disposition Header Field diff --git a/docs/SECURITY b/docs/SECURITY index ee844d802..7b245d7ba 100644 --- a/docs/SECURITY +++ b/docs/SECURITY @@ -14,7 +14,7 @@ Publishing Information ---------------------- All known and public curl or libcurl related vulnerabilities are listed on -[the curl web site security page](http://curl.haxx.se/docs/security.html). +[the curl web site security page](https://curl.haxx.se/docs/security.html). Security vulnerabilities should not be entered in the project's public bug tracker unless the necessary configuration is in place to limit access to the diff --git a/docs/SSL-PROBLEMS b/docs/SSL-PROBLEMS index 45faa241c..e63987101 100644 --- a/docs/SSL-PROBLEMS +++ b/docs/SSL-PROBLEMS @@ -60,7 +60,7 @@ Ciphers References: https://tools.ietf.org/html/draft-popov-tls-prohibiting-rc4-01 - + Allow BEAST BEAST is the name of a TLS 1.0 attack that surfaced 2011. When adding means @@ -84,4 +84,4 @@ Disabling certificate revocation checks References: - http://curl.haxx.se/docs/ssl-compared.html + https://curl.haxx.se/docs/ssl-compared.html diff --git a/docs/SSLCERTS b/docs/SSLCERTS index 89e5bb623..b793b2c78 100644 --- a/docs/SSLCERTS +++ b/docs/SSLCERTS @@ -109,7 +109,7 @@ server, do one of the following: 5. Get a better/different/newer CA cert bundle! One option is to extract the one a recent Firefox browser uses by running 'make ca-bundle' in the curl build tree root, or possibly download a version that was generated this - way for you: [CA Extract](http://curl.haxx.se/docs/caextract.html) + way for you: [CA Extract](https://curl.haxx.se/docs/caextract.html) Neglecting to use one of the above methods when dealing with a server using a certificate that isn't signed by one of the certificates in the installed CA @@ -172,7 +172,7 @@ signal handler back into the library with a sigsetjmp, which effectively causes libcurl to continue running within the signal handler. This is non-portable and could cause problems on some platforms. A discussion on the - problem is available at http://curl.haxx.se/mail/lib-2008-09/0197.html + problem is available at https://curl.haxx.se/mail/lib-2008-09/0197.html Also, alarm() provides timeout resolution only to the nearest second. alarm ought to be replaced by setitimer on systems that support it. @@ -261,7 +261,7 @@ hack ;-) Please see the following thread for more information: - http://curl.haxx.se/mail/lib-2012-05/0178.html + https://curl.haxx.se/mail/lib-2012-05/0178.html 1.14 Typesafe curl_easy_setopt() @@ -355,7 +355,7 @@ When trying to connect passively to a server which only supports active connections, libcurl returns CURLE_FTP_WEIRD_PASV_REPLY and closes the connection. There could be a way to fallback to an active connection (and - vice versa). http://curl.haxx.se/bug/feature.cgi?id=1754793 + vice versa). https://curl.haxx.se/bug/feature.cgi?id=1754793 4.3 Earlier bad letter detection @@ -392,13 +392,13 @@ This is not detailed in any FTP specification. 5.1 Better persistency for HTTP 1.0 "Better" support for persistent connections over HTTP 1.0 - http://curl.haxx.se/bug/feature.cgi?id=1089001 + https://curl.haxx.se/bug/feature.cgi?id=1089001 5.2 support FF3 sqlite cookie files Firefox 3 is changing from its former format to a a sqlite database instead. We should consider how (lib)curl can/should support this. - http://curl.haxx.se/bug/feature.cgi?id=1871388 + https://curl.haxx.se/bug/feature.cgi?id=1871388 5.3 Rearrange request header order @@ -543,7 +543,7 @@ that doesn't exist on the server, just like --ftp-create-dirs. 13.1 Disable specific versions Provide an option that allows for disabling specific SSL versions, such as - SSLv2 http://curl.haxx.se/bug/feature.cgi?id=1767276 + SSLv2 https://curl.haxx.se/bug/feature.cgi?id=1767276 13.2 Provide mutex locking API @@ -554,7 +554,7 @@ that doesn't exist on the server, just like --ftp-create-dirs. 13.3 Evaluate SSL patches Evaluate/apply Gertjan van Wingerde's SSL patches: - http://curl.haxx.se/mail/lib-2004-03/0087.html + https://curl.haxx.se/mail/lib-2004-03/0087.html 13.4 Cache OpenSSL contexts @@ -592,9 +592,9 @@ that doesn't exist on the server, just like --ftp-create-dirs. https://www.rfc-editor.org/rfc/rfc6698.txt An initial patch was posted by Suresh Krishnaswamy on March 7th 2013 - (http://curl.haxx.se/mail/lib-2013-03/0075.html) but it was a too simple + (https://curl.haxx.se/mail/lib-2013-03/0075.html) but it was a too simple approach. See Daniel's comments: - http://curl.haxx.se/mail/lib-2013-03/0103.html . libunbound may be the + https://curl.haxx.se/mail/lib-2013-03/0103.html . libunbound may be the correct library to base this development on. 14. GnuTLS @@ -686,7 +686,7 @@ that doesn't exist on the server, just like --ftp-create-dirs. The client could be told to use maximum N simultaneous parallel transfers and then just make sure that happens. It should of course not make more than one connection to the same remote host. This would require the client to use the - multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595 + multi interface. https://curl.haxx.se/bug/feature.cgi?id=1558595 17.5 provide formpost headers diff --git a/docs/TheArtOfHttpScripting b/docs/TheArtOfHttpScripting index 76faee4a8..047db809b 100644 --- a/docs/TheArtOfHttpScripting +++ b/docs/TheArtOfHttpScripting @@ -136,7 +136,7 @@ The Art Of Scripting HTTP Requests Using Curl The Uniform Resource Locator format is how you specify the address of a particular resource on the Internet. You know these, you've seen URLs like - http://curl.haxx.se or https://yourbank.com a million times. RFC 3986 is the + https://curl.haxx.se or https://yourbank.com a million times. RFC 3986 is the canonical spec. And yeah, the formal name is not URL, it is URI. 2.2 Host @@ -203,7 +203,7 @@ The Art Of Scripting HTTP Requests Using Curl issues a GET request to the server and receives the document it asked for. If you issue the command line - curl http://curl.haxx.se + curl https://curl.haxx.se you get a web page returned in your terminal window. The entire HTML document that that URL holds. @@ -628,7 +628,7 @@ The Art Of Scripting HTTP Requests Using Curl More about server certificate verification and ca cert bundles can be read in the SSLCERTS document, available online here: - http://curl.haxx.se/docs/sslcerts.html + https://curl.haxx.se/docs/sslcerts.html At times you may end up with your own CA cert store and then you can tell curl to use that to verify the server's certificate: @@ -755,4 +755,4 @@ The Art Of Scripting HTTP Requests Using Curl 14.2 Sites - http://curl.haxx.se is the home of the cURL project + https://curl.haxx.se is the home of the cURL project diff --git a/docs/curl.1 b/docs/curl.1 index 3bcddd6f3..496b00aef 100644 --- a/docs/curl.1 +++ b/docs/curl.1 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -846,7 +846,7 @@ the CA certificate bundle installed by default. This makes all connections considered "insecure" fail unless \fI-k, --insecure\fP is used. See this online resource for further details: -\fBhttp://curl.haxx.se/docs/sslcerts.html\fP +\fBhttps://curl.haxx.se/docs/sslcerts.html\fP .IP "-K, --config <config file>" Specify which config file to read curl arguments from. The config file is a text file in which command line arguments can be written which then will be @@ -873,7 +873,7 @@ Note that to be able to specify a URL in the config file, you need to specify it using the \fI--url\fP option, and not by simply writing the URL on its own line. So, it could look similar to this: -url = "http://curl.haxx.se/docs/" +url = "https://curl.haxx.se/docs/" When curl is invoked, it always (unless \fI-q\fP is used) checks for a default config file and uses it if found. The default config file is checked for in @@ -2347,7 +2347,7 @@ are meant to never change. Daniel Stenberg is the main author, but the whole list of contributors is found in the separate THANKS file. .SH WWW -http://curl.haxx.se +https://curl.haxx.se .SH FTP ftp://ftp.sunet.se/pub/www/utilities/curl/ .SH "SEE ALSO" diff --git a/docs/libcurl/libcurl-thread.3 b/docs/libcurl/libcurl-thread.3 index fd5b0e423..ff67a1d99 100644 --- a/docs/libcurl/libcurl-thread.3 +++ b/docs/libcurl/libcurl-thread.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 2015, Daniel Stenberg, <daniel@haxx.se>, et al. +.\" * Copyright (C) 2015 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -43,7 +43,7 @@ or two functions to allow it to function properly: .IP OpenSSL http://www.openssl.org/docs/crypto/threads.html#DESCRIPTION -http://curl.haxx.se/libcurl/c/opensslthreadlock.html +https://curl.haxx.se/libcurl/c/opensslthreadlock.html .IP GnuTLS http://gnutls.org/manual/html_node/Thread-safety.html .IP NSS |