aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGES4
-rw-r--r--RELEASE-NOTES1
-rw-r--r--docs/libcurl/curl_easy_setopt.33
-rw-r--r--lib/url.c26
-rw-r--r--tests/data/test110946
-rw-r--r--tests/data/test111046
-rw-r--r--tests/data/test111146
7 files changed, 163 insertions, 9 deletions
diff --git a/CHANGES b/CHANGES
index ad3b8c478..506054914 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,10 @@
Changelog
+Claes Jakobsson (6 Jan 2010)
+- Julien Chaffraix fixed so that the fragment part in an URL is not sent
+ to the server anymore.
+
Kamil Dudka (3 Jan 2010)
- Julien Chaffraix eliminated a duplicated initialization in singlesocket().
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 46b93e8e6..19d8752e4 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -40,6 +40,7 @@ This release includes the following bugfixes:
o some *_proxy environment variables didn't function
o libcurl-OpenSSL engine cleanup
o header include fix for FreeBSD versions before v8
+ o fragment part of URLs are no longer sent to the server
This release includes the following known bugs:
diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3
index 97baa359a..dd1a38ae4 100644
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -449,6 +449,9 @@ on which protocols are supported.
The string given to CURLOPT_URL must be url-encoded and follow RFC 2396
(http://curl.haxx.se/rfc/rfc2396.txt).
+Please note that starting with version 7.20.0, the fragment part of the URI will
+not be send as part of the path, which was the case previously.
+
\fICURLOPT_URL\fP is the only option that \fBmust\fP be set before
\fIcurl_easy_perform(3)\fP is called.
diff --git a/lib/url.c b/lib/url.c
index 13f80987a..5c7699d88 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -3311,8 +3311,9 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data,
bool *prot_missing)
{
char *at;
- char *tmp;
+ char *fragment;
char *path = data->state.path;
+ char *query;
int rc;
char protobuf[16];
const char *protop;
@@ -3438,11 +3439,11 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data,
*/
at = strchr(conn->host.name, '@');
if(at)
- tmp = strchr(at+1, '?');
+ query = strchr(at+1, '?');
else
- tmp = strchr(conn->host.name, '?');
+ query = strchr(conn->host.name, '?');
- if(tmp) {
+ if(query) {
/* We must insert a slash before the '?'-letter in the URL. If the URL had
a slash after the '?', that is where the path currently begins and the
'?string' is still part of the host name.
@@ -3451,7 +3452,7 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data,
the path. And have it all prefixed with a slash.
*/
- size_t hostlen = strlen(tmp);
+ size_t hostlen = strlen(query);
size_t pathlen = strlen(path);
/* move the existing path plus the zero byte forward, to make room for
@@ -3459,11 +3460,11 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data,
memmove(path+hostlen+1, path, pathlen+1);
/* now copy the trailing host part in front of the existing path */
- memcpy(path+1, tmp, hostlen);
+ memcpy(path+1, query, hostlen);
path[0]='/'; /* prepend the missing slash */
- *tmp=0; /* now cut off the hostname at the ? */
+ *query=0; /* now cut off the hostname at the ? */
}
else if(!path[0]) {
/* if there's no path set, use a single slash */
@@ -3500,12 +3501,19 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data,
}
}
- if (data->set.scope)
+ if(data->set.scope)
/* Override any scope that was set above. */
conn->scope = data->set.scope;
+ /* Remove the fragment part of the path. Per RFC 2396, this is always the
+ last part of the URI. We are looking for the first '#' so that we deal gracefully
+ with non conformant URI such as http://example.com#foo#bar. */
+ fragment = strchr(path, '#');
+ if(fragment)
+ *fragment = 0;
+
/*
- * So if the URL was A://B/C,
+ * So if the URL was A://B/C#D,
* protop is A
* conn->host.name is B
* data->state.path is /C
diff --git a/tests/data/test1109 b/tests/data/test1109
new file mode 100644
index 000000000..fc7fc225f
--- /dev/null
+++ b/tests/data/test1109
@@ -0,0 +1,46 @@
+<testcase>
+# Test that the fragment is not send as part of the path.
+<info>
+<keywords>
+HTTP
+CURLOPT_URL
+</keywords>
+</info>
+
+# Server-side
+<reply name="1">
+<data>
+HTTP/1.1 200 OK
+Content-Length: 6
+
+hello
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+HTTP GET
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/1109#test
+</command>
+</client>
+
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1109 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1110 b/tests/data/test1110
new file mode 100644
index 000000000..0597d3ccf
--- /dev/null
+++ b/tests/data/test1110
@@ -0,0 +1,46 @@
+<testcase>
+# Test that the fragment is not send as part of the path when the path contains a query.
+<info>
+<keywords>
+HTTP
+CURLOPT_URL
+</keywords>
+</info>
+
+# Server-side
+<reply name="1">
+<data>
+HTTP/1.1 200 OK
+Content-Length: 6
+
+hello
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+HTTP GET
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/1110?q=foobar#fragment
+</command>
+</client>
+
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1110?q=foobar HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/data/test1111 b/tests/data/test1111
new file mode 100644
index 000000000..0f8e0563c
--- /dev/null
+++ b/tests/data/test1111
@@ -0,0 +1,46 @@
+<testcase>
+# Test that no fragment is not send as part of the path when the URI contains 2 '#' (does not follow RFC 2396)
+<info>
+<keywords>
+HTTP
+CURLOPT_URL
+</keywords>
+</info>
+
+# Server-side
+<reply name="1">
+<data>
+HTTP/1.1 200 OK
+Content-Length: 6
+
+hello
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+HTTP GET
+ </name>
+ <command>
+http://%HOSTIP:%HTTPPORT/1111?q=foobar#fragment#fragment2
+</command>
+</client>
+
+
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1111?q=foobar HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>