Age | Commit message (Collapse) | Author |
|
RFC 7230 says we should stop. Firefox already stopped.
Bug: https://github.com/curl/curl/issues/633
Reported-By: Brad Fitzpatrick
Closes #633
|
|
|
|
- Add unit test 1604 to test the sanitize_file_name function.
- Use -DCURL_STATICLIB when building libcurltool for unit testing.
- Better detection of reserved DOS device names.
- New flags to modify sanitize behavior:
SANITIZE_ALLOW_COLONS: Allow colons
SANITIZE_ALLOW_PATH: Allow path separators and colons
SANITIZE_ALLOW_RESERVED: Allow reserved device names
SANITIZE_ALLOW_TRUNCATE: Allow truncating a long filename
- Restore sanitization of banned characters from user-specified outfile.
Prior to this commit sanitization of a user-specified outfile was
temporarily disabled in 2b6dadc because there was no way to allow path
separators and colons through while replacing other banned characters.
Now in such a case we call the sanitize function with
SANITIZE_ALLOW_PATH which allows path separators and colons to pass
through.
Closes https://github.com/curl/curl/issues/624
Reported-by: Octavio Schroeder
|
|
|
|
Closes #632
|
|
|
|
|
|
It isn't used by the code in current conditions but for safety it seems
sensible to at least not crash on such input.
Extended unit test 1395 to verify this too as well as a plain "/" input.
|
|
Because disabling the peer verification (--insecure) must not disable
the public key pinning check (--pinnedpubkey).
|
|
Before this patch, if a URL does not start with the protocol
name/scheme, effective URLs would be prefixed with upper-case protocol
names/schemes. This behavior might not be expected by library users or
end users.
For example, if `CURLOPT_DEFAULT_PROTOCOL` is set to "https". And the
URL is "hostname/path". The effective URL would be
"HTTPS://hostname/path" instead of "https://hostname/path".
After this patch, effective URLs would be prefixed with a lower-case
protocol name/scheme.
Closes #597
Signed-off-by: Mohammad AlSaleh <CE.Mohammad.AlSaleh@gmail.com>
|
|
.. and enable SSLpinning tests for mbedTLS, BoringSSL and LibreSSL.
|
|
Use the ACE form of IDN hostnames as key in the connection cache. Add
new tests.
Closes #592
|
|
|
|
|
|
MSYS would otherwise turn a /-style path into a C:\-style path.
|
|
While still using datacheck mode binary for the inline reply data.
|
|
Move the text-mode conversion for reply/replycheck from the verify
section into the load section and add support for 4 more check parts.
|
|
|
|
|
|
|
|
Not converting to double caused small timeouts to be skipped.
|
|
Not converting to double caused small timeouts to be skipped.
|
|
|
|
Follow up on b064ff0c351bb287557228575ef4c1d079b866fb, thanks Daniel.
|
|
|
|
|
|
|
|
|
|
The request needs to be read and send in binary mode in order to use
CRLF instead of LF. Adding --upload-file - causes curl to read stdin
in binary mode.
|
|
|
|
|
|
The previous implementation caused issues on modern MSYS2 runtimes.
|
|
Make this the default for the curl tool (if built with HTTP/2 powers
enabled) unless a specific HTTP version is requested on the command
line.
This should allow more users to get HTTP/2 powers without having to
change anything.
|
|
|
|
|
|
Tests 842, 843, 844, 845, 887, 888, 889, 890, 946, 947, 948 and 949 fail
if a custom port number is specified via the -b option of runtests.pl.
Suggested by: Kamil Dudka
Bug: http://curl.haxx.se/mail/lib-2015-12/0003.html
|
|
|
|
test845 not present in tests/data/Makefile.inc
|
|
|
|
As POP3 final and continuation responses both begin with a + character,
and both the finalcode and contcode variables in SASLprotoc are set as
such, we cannot tell the difference between them when we are expecting
an optional continuation from the server such as the following:
+ something else from the server
+OK final response
Disabled these tests until such a time we can tell the responses apart.
|
|
|
|
|
|
|
|
|
|
The hashes can vary between architectures (e.g. Sparc differs from x86_64).
This is not a fatal problem but just reduces the coverage of these white-box
tests, as the assumptions about into which hash bucket each key falls are no
longer valid.
|
|
|
|
|
|
- no point in repeating curl features that is already listed as features
from the curl -V output
- remove the port numbers/unix domain path from the output unless
verbose is used, as that is rarely interesting to users.
|
|
|
|
Bug: https://github.com/bagder/curl/issues/486
Closes https://github.com/bagder/curl/pull/487
|