aboutsummaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2018-06-13 11:24:34 +0200
committerDaniel Stenberg <daniel@haxx.se>2018-06-13 11:24:34 +0200
commit54066f5d09dce2c96ddda6e25f33cf8fa5d50801 (patch)
treef401821ba3d7b47ecfec9b053d6df5c1b511b29d /docs
parenta0f9670ec9caff9fcf4afe2e47904aa143d3b5aa (diff)
TODO: "Option to refuse usernames in URLs" done
Implemented by Björn in 946ce5b61f
Diffstat (limited to 'docs')
-rw-r--r--docs/TODO11
1 files changed, 0 insertions, 11 deletions
diff --git a/docs/TODO b/docs/TODO
index 3d58717b4..cea637868 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -17,7 +17,6 @@
All bugs documented in the KNOWN_BUGS document are subject for fixing!
1. libcurl
- 1.1 Option to refuse usernames in URLs
1.2 More data sharing
1.3 struct lifreq
1.4 signal-based resolver timeouts
@@ -189,16 +188,6 @@
1. libcurl
-1.1 Option to refuse usernames in URLs
-
- There's a certain risk for application in allowing user names in URLs. For
- example: if the wrong person gets to set the URL and manages to set a user
- name in there when .netrc is used, the application may send along a password
- that otherwise the person couldn't provide.
-
- A new libcurl option could be added to allow applications to switch off this
- feature and thus avoid a potential risk.
-
1.2 More data sharing
curl_share_* functions already exist and work, and they can be extended to