aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2020-05-14 14:37:12 +0200
committerDaniel Stenberg <daniel@haxx.se>2020-05-14 17:59:47 +0200
commit600a8cded447cd7118ed50142c576567c0cf5158 (patch)
treeb375eac991c046e6bad38c1527b100673662d3cb /lib
parente2a7a6bb9ee9be1f203ce23fd7e112d9fa37b35b (diff)
url: make the updated credentials URL-encoded in the URL
Found-by: Gregory Jefferis Reported-by: Jeroen Ooms Added test 1168 to verify. Bug spotted when doing a redirect. Bug: https://github.com/jeroen/curl/issues/224 Closes #5400
Diffstat (limited to 'lib')
-rw-r--r--lib/url.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/url.c b/lib/url.c
index f250f2ff2..9b8b2bdde 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -2788,12 +2788,14 @@ static CURLcode override_login(struct Curl_easy *data,
/* for updated strings, we update them in the URL */
if(user_changed) {
- uc = curl_url_set(data->state.uh, CURLUPART_USER, *userp, 0);
+ uc = curl_url_set(data->state.uh, CURLUPART_USER, *userp,
+ CURLU_URLENCODE);
if(uc)
return Curl_uc_to_curlcode(uc);
}
if(passwd_changed) {
- uc = curl_url_set(data->state.uh, CURLUPART_PASSWORD, *passwdp, 0);
+ uc = curl_url_set(data->state.uh, CURLUPART_PASSWORD, *passwdp,
+ CURLU_URLENCODE);
if(uc)
return Curl_uc_to_curlcode(uc);
}