aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/setopt.c4
-rw-r--r--lib/url.c7
-rw-r--r--lib/urldata.h1
3 files changed, 12 insertions, 0 deletions
diff --git a/lib/setopt.c b/lib/setopt.c
index 93a4dd2b5..5ecf5b97f 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -2590,6 +2590,10 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option,
case CURLOPT_DNS_SHUFFLE_ADDRESSES:
data->set.dns_shuffle_addresses = (0 != va_arg(param, long)) ? TRUE:FALSE;
break;
+ case CURLOPT_DISALLOW_USERNAME_IN_URL:
+ data->set.disallow_username_in_url =
+ (0 != va_arg(param, long)) ? TRUE : FALSE;
+ break;
default:
/* unknown tag and its companion, just ignore: */
result = CURLE_UNKNOWN_OPTION;
diff --git a/lib/url.c b/lib/url.c
index 411a0c814..c62221048 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -3170,6 +3170,13 @@ static CURLcode parse_url_login(struct Curl_easy *data,
if(userp) {
char *newname;
+ if(data->set.disallow_username_in_url) {
+ failf(data, "Option DISALLOW_USERNAME_IN_URL is set "
+ "and url contains username.");
+ result = CURLE_LOGIN_DENIED;
+ goto out;
+ }
+
/* We have a user in the URL */
conn->bits.userpwd_in_url = TRUE;
conn->bits.user_passwd = TRUE; /* enable user+password */
diff --git a/lib/urldata.h b/lib/urldata.h
index f1b67c3d1..7e647a2a6 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -1689,6 +1689,7 @@ struct UserDefined {
curl_resolver_start_callback resolver_start; /* optional callback called
before resolver start */
void *resolver_start_client; /* pointer to pass to resolver start callback */
+ bool disallow_username_in_url; /* disallow username in url */
};
struct Names {