aboutsummaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/KNOWN_BUGS8
-rw-r--r--docs/curl.13
2 files changed, 11 insertions, 0 deletions
diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS
index aa39b8082..e838fefdc 100644
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -3,6 +3,14 @@ join in and help us correct one or more of these! Also be sure to check the
changelog of the current development status, as one or more of these problems
may have been fixed since this was written!
+87. -J/--remote-header-name doesn't decode %-encoded file names. RFC6266
+ details how it should be done. The can of worm is basically that we have no
+ charset handling in curl and ascii >=128 is a challenge for us. Not to
+ mention that decoding also means that we need to check for nastyness that is
+ attempted, like "../" sequences and the like. Probably everything to the left
+ of any embedded slashes should be cut off.
+ http://curl.haxx.se/bug/view.cgi?id=1294
+
86. The disconnect commands (LOGOUT and QUIT) may not be sent by IMAP, POP3
and SMTP if a failure occures during the authentication phase of a
connection.
diff --git a/docs/curl.1 b/docs/curl.1
index e94827f7b..49194762a 100644
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -711,6 +711,9 @@ cookies when they're closed down.
(HTTP) This option tells the \fI-O, --remote-name\fP option to use the
server-specified Content-Disposition filename instead of extracting a filename
from the URL.
+
+There's no attempt to decode %-sequences (yet) in the provided file name, so
+this option may provide you with rather unexpected file names.
.IP "-k, --insecure"
(SSL) This option explicitly allows curl to perform "insecure" SSL connections
and transfers. All SSL connections are attempted to be made secure by using