Age | Commit message (Collapse) | Author |
|
The URL extracted with CURLINFO_EFFECTIVE_URL was returned as given as
input in most cases, which made it not get a scheme prefixed like before
if the URL was given without one, and it didn't remove dotdot sequences
etc.
Added test case 1907 to verify that this now works as intended and as
before 7.62.0.
Regression introduced in 7.62.0
Reported-by: Christophe Dervieux
Fixes #4491
Closes #4493
|
|
Mark some files as text.
Closes https://github.com/curl/curl/pull/4490
|
|
This makes the tests succeed when using --disable-proxy.
Closes https://github.com/curl/curl/pull/4488
|
|
Python 2's `ConfigParser` module is spelled `configparser` in Python 3.
Closes https://github.com/curl/curl/pull/4484
|
|
... when the tests want "connection refused".
|
|
Follow-up to 93373a960c3bb4
Reported-by: infinnovation-dev on github
Fixes #4474
Closes #4475
|
|
This completes #3794.
Also make sure the new tests from #4195 are enabled
Closes #4465
|
|
Follow-up from 2c20109a9b5d04
Added test 663 to verify.
Reported by OSS-Fuzz
Bug: https://crbug.com/oss-fuzz/17954
Closes #4453
|
|
... to make it handle for example (RFC violating) embeded spaces.
Reported-by: momala454 on github
Fixes #4445
Closes #4447
|
|
This should again enable crazy-large download ranges of the style
[1-10000000] that otherwise easily ran out of memory starting in 7.66.0
when this new handle allocating scheme was introduced.
Reported-by: Peter Sumatra
Fixes #4393
Closes #4438
|
|
Closes #4441
|
|
As mandated by the spec. Test 1654 is extended to verify.
Closes #4443
|
|
The 'share object' only sets the storage area for cookies. The "cookie
engine" still needs to be enabled or activated using the normal cookie
options.
This caused the curl command line tool to accidentally use cookies
without having been told to, since curl switched to using shared cookies
in 7.66.0.
Test 1166 verifies
Updated test 506
Fixes #4429
Closes #4434
|
|
Add libtest 661
Closes #4417
|
|
Closes #4428
|
|
`timediff_t` is 64 bits wide also on 32-bit systems since
commit b1616dad8f0.
Closes https://github.com/curl/curl/pull/4415
|
|
This reverts commit 2f036a72d543e96128bd75cb0fedd88815fd42e2.
|
|
Closes #4423
|
|
The parser would check for a query part before fragment, which caused it
to do wrong when the fragment contains a question mark.
Extended test 1560 to verify.
Reported-by: Alex Konev
Fixes #4412
Closes #4413
|
|
CURLU_NO_AUTHORITY is intended for use with unknown schemes (i.e. not
"file:///") to override cURL's default demand that an authority exists.
Closes #4349
|
|
Closes #4348
|
|
Unclear why this was not detected in the CI.
Follow-up to b7666027296a
|
|
Added unit test case 1655 to verify.
Close #4352
the code correctly finds the flaws in the old code,
if one temporarily restores doh.c to the old version.
|
|
This is a protocol violation but apparently there are legacy proprietary
servers doing this.
Added test 336 and 337 to verify.
Reported-by: Philippe Marguinaud
Closes #4339
|
|
Closes #4332
|
|
It needs to parse correctly. Otherwise it could be tricked into letting
through a-f using host names that libcurl would then resolve. Like
'[ab.be]'.
Reported-by: Thomas Vegas
Closes #4315
|
|
This allows the function to figure out if a unix domain socket has a
file name or not associated with it! When a socket is created with
socketpair(), as done in the fuzzer testing, the path struct member is
uninitialized and must not be accessed.
Bug: https://crbug.com/oss-fuzz/16699
Closes #4283
|
|
Double-underscored or underscore plus uppercase letter at least.
... as they're claimed to be reserved.
Reported-by: patnyb on github
Fixes #4254
Closes #4255
|
|
When a username and password are provided in the URL, they were wrongly
removed from the stored URL so that subsequent uses of the same URL
wouldn't find the crendentials. This made doing HTTP auth with multiple
connections (like Digest) mishave.
Regression from 46e164069d1a5230 (7.62.0)
Test case 335 added to verify.
Reported-by: Mike Crowe
Fixes #4228
Closes #4229
|
|
Tests are no longer grouped by numeric range[1]. Let's stop saying that
and provide some alternative advice for numbering tests.
[1] https://curl.haxx.se/mail/lib-2019-08/0043.html
Closes #4227
|
|
- Add new error code CURLE_AUTH_ERROR.
Prior to this change auth function errors were signaled by
CURLE_OUT_OF_MEMORY and CURLE_RECV_ERROR, and neither one was
technically correct.
Ref: https://github.com/curl/curl/pull/3848
Co-authored-by: Dominik Hölzl
Closes https://github.com/curl/curl/pull/3864
|
|
Closes #4204
|
|
Leftovers from the function rename back in 76b63489495
Reported-by: Gisle Vanem
Bug: https://github.com/curl/curl/commit/f3e0f071b14fcb46a453f69bdf4e062bcaacf362#com
mitcomment-34601751
Closes #4203
|
|
So that users can mask in/out specific HTTP versions when Alt-Svc is
used.
- Removed "h2c" and updated test case accordingly
- Changed how the altsvc struct is laid out
- Added ifdefs to make the unittest run even in a quiche-tree
Closes #4201
|
|
This is only the libcurl part that provides the information. There's no
user of the parsed value. This change includes three new tests for the
parser.
Ref: #3794
|
|
- Change data and protocol sections to CRLF line endings.
Prior to this change the tests would fail or hang, which is because
certain sections such as protocol require CRLF line endings.
Follow-up to grandparent commit which added the tests.
Ref: https://github.com/curl/curl/issues/3653
Ref: https://github.com/curl/curl/pull/3790
NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.
Closes https://github.com/curl/curl/pull/4186
|
|
Ref: https://github.com/curl/curl/issues/3653
Ref: https://github.com/curl/curl/pull/3790
NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.
Closes https://github.com/curl/curl/pull/4186
|
|
Repeatedly we see problems where using curl_multi_wait() is difficult or
just awkward because if it has no file descriptor to wait for
internally, it returns immediately and leaves it to the caller to wait
for a small amount of time in order to avoid occasional busy-looping.
This is often missed or misunderstood, leading to underperforming
applications.
This change introduces curl_multi_poll() as a replacement drop-in
function that accepts the exact same set of arguments. This function
works identically to curl_multi_wait() - EXCEPT - for the case when
there's nothing to wait for internally, as then this function will by
itself wait for a "suitable" short time before it returns. This
effectiely avoids all risks of busy-looping and should also make it less
likely that apps "over-wait".
This also changes the curl tool to use this funtion internally when
doing parallel transfers and changes curl_easy_perform() to use it
internally.
Closes #4163
|
|
As the plan has been laid out in DEPRECATED. Update docs accordingly and
verify in test 1174. Now requires the option to be set to allow HTTP/0.9
responses.
Closes #4191
|
|
Allow pretty much anything to be part of the ALPN identifier. In
particular minus, which is used for "h3-20" (in-progress HTTP/3
versions) etc.
Updated test 356.
Closes #4182
|
|
If HTTPAUTH_GSSNEGOTIATE was used for a POST request and
gss_init_sec_context() failed, the POST request was sent
with empty body. This commit also restores the original
behavior of `curl --fail --negotiate`, which was changed
by commit 6c6035532383e300c712e4c1cd9fdd749ed5cf59.
Add regression tests 2077 and 2078 to cover this.
Fixes #3992
Closes #4171
|
|
... to avoid integer overflows later when multiplying with 1000 to
convert seconds to milliseconds.
Added test 1269 to verify.
Reported-by: Jason Lee
Closes #4166
|
|
If using the read callback for HTTP_POST, and POSTFIELDSIZE is not set,
automatically add a Transfer-Encoding: chunked header, same as it is
already done for HTTP_PUT, HTTP_POST_FORM and HTTP_POST_MIME. Update
test 1514 according to the new behaviour.
Closes #4138
|
|
This is done by making sure each individual transfer is first added to a
linked list as then they can be performed serially, or at will, in
parallel.
Closes #3804
|
|
... and adjust those that cause errors
Closes #4116
|
|
follow-up to 7fb66c403
|
|
Triggered by PR #4111
Closes #4113
|
|
The testcase ensures that redirects to CURLPROTO_GOPHER won't be
allowed, by default, in the future. Also, curl is being used
for convenience while keeping the testcases DRY.
The expected error code is CURLE_UNSUPPORTED_PROTOCOL when the client is
redirected to CURLPROTO_GOPHER
Signed-off-by: Linos Giannopoulos <lgian@skroutz.gr>
|
|
With CURLOPT_TIMECONDITION set, a header is automatically added (e.g.
If-Modified-Since). Allow this to be replaced or suppressed with
CURLOPT_HTTPHEADER.
Fixes #4103
Closes #4109
|
|
The header now has the slist-using options marked as SLISTPOINT so this
makes sure test 1521 understands that.
Follow-up to ae99b4de1c443ae989
Closes #4074
|