Age | Commit message (Collapse) | Author |
|
The draft-ietf-httpbis-rfc6265bis-02 draft, specify a set of prefixes
and how they should affect cookie initialization, which has been
adopted by the major browsers. This adds support for the two prefixes
defined, __Host- and __Secure, and updates the testcase with the
supplied examples from the draft.
Closes #3554
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
Detected by scan-build
|
|
Fix scan-build warnings, no globals, no silly handle scan. Also remove
handles from the multi before cleaning up.
|
|
To avoid scan-build warnings and global variables.
|
|
Detected by scan-build
|
|
Detected by scan-build
|
|
in ftpget, ftpsget and sftpget, so that scan-build stops warning for
potential NULL pointer dereference below!
Detected by scan-build
|
|
Closes #2367
|
|
Closes #2905
|
|
Closes #2719
|
|
Closes #3523
|
|
Closes #3109
|
|
Nobody works on this now.
Closes #3378
|
|
- Pass an empty string to CURLOPT_ACCEPT_ENCODING to use the default
supported encodings.
Prior to this change the specific encodings of gzip and deflate were set
but there's no guarantee they'd be supported by the user's libcurl.
|
|
The Kerberos subsection was mistakenly a subsubsection under FTP, and
the curlx subsection was missing an anchor for the TOC link.
Closes #3529
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
|
|
|
|
Commit 7a09b52c98ac8d840a8a9907b1a1d9a9e684bcf5 introduced support
for the draft-ietf-httpbis-cookie-alone-01 cookie draft, and while
the entry was removed from the TODO it was mistakenly left here.
Fix by removing and rewording the entry slightly.
Closes #3530
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
Fix grammatical errors making the document read better. Also fixes
a typo.
Closes #3525
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
|
|
Fixes #3518
Closes #3522
|
|
Stick to "Schannel" everywhere. The configure option --with-winssl is
kept to allow existing builds to work but --with-schannel is added as an
alias.
Closes #3504
|
|
Use an ephemeral port number here; previously the example had 8080
which could be confusing as the common web server port number might
be misinterpreted as suggesting this option affects the remote port.
URL: https://curl.haxx.se/mail/lib-2019-01/0084.html
Closes #3513
|
|
A backslash should be escaped in Roff / Troff.
|
|
By default WinSSL selects and send a client certificate automatically,
but for privacy and consistency we should offer an option to disable the
default auto-send behavior.
Reported-by: Jeroen Ooms
Closes https://github.com/curl/curl/issues/2262
|
|
Closes #3289
[skip ci]
|
|
|
|
|
|
Closes #3125
|
|
Closes #3229
|
|
Closes #3417
|
|
[skip ci]
|
|
Closes #3431
|
|
Reviewed-by: Daniel Gustafsson
Closes #3432
|
|
Add a few missing examples to make `make examples` not leave the
workspace in a dirty state.
Closes #3427
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
|
|
Add Adrian Burcea who made the artwork for the curl://up 2018 event
which was held in Stockholm, Sweden.
|
|
When a non-empty list is appended to, and used as the returnvalue,
the list pointer can leak in case of an allocation failure in the
curl_slist_append() call. This is correctly handled in curl code
usage but we weren't explicitly pointing it out in the API call
documentation. Fix by extending the RETURNVALUE manpage section
and example code.
Closes #3424
Reported-by: dnivras on github
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
Researched-by: Tae Wong
|
|
Due to a report of a missing name in THANKS I manually went through an
old CHANGES.0 file and added many previously missing names here.
|
|
Reported-by: Tae Wong
|
|
|
|
This adds support for wildcard hosts in CURLOPT_RESOLVE. These are
try-last so any non-wildcard entry is resolved first. If specified,
any host not matched by another CURLOPT_RESOLVE config will use this
as fallback.
Example send a.com to 10.0.0.1 and everything else to 10.0.0.2:
curl --resolve *:443:10.0.0.2 --resolve a.com:443:10.0.0.1 \
https://a.com https://b.com
This is probably quite similar to using:
--connect-to a.com:443:10.0.0.1:443 --connect-to :443:10.0.0.2:443
Closes #3406
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
The project bug tracker is no longer hosted at sourceforge but is now
hosted on the curl Github page. Update the FAQ to reflect.
Closes #3410
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
Added CURLOPT_HTTP09_ALLOWED and --http0.9 for this purpose.
For now, both the tool and library allow HTTP/0.9 by default.
docs/DEPRECATE.md lays out the plan for when to reverse that default: 6
months after the 7.64.0 release. The options are added already now so
that applications/scripts can start using them already now.
Fixes #2873
Closes #3383
|
|
Closes #3354
|
|
|
|
This adds the CURLOPT_TRAILERDATA and CURLOPT_TRAILERFUNCTION
options that allow a callback based approach to sending trailing headers
with chunked transfers.
The test server (sws) was updated to take into account the detection of the
end of transfer in the case of trailing headers presence.
Test 1591 checks that trailing headers can be sent using libcurl.
Closes #3350
|
|
Only allow secure origins to be able to write cookies with the
'secure' flag set. This reduces the risk of non-secure origins
to influence the state of secure origins. This implements IETF
Internet-Draft draft-ietf-httpbis-cookie-alone-01 which updates
RFC6265.
Closes #2956
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
|
|
Reported-by: Tobias Lindgren
Pointed out in #3367
Closes #3368
|
|
|
|
Prior to 7.56.0, fieldnames and filenames were set in Content-Disposition
header without special processing: this may lead to invalid RFC 822
quoted-strings.
7.56.0 introduces escaping of backslashes and double quotes in these names:
mention it in the documentation.
Reported-by: daboul on github
Closes #3361
|