From aadb7c7b62251c4e760930d543105f2b10cbd9b2 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 6 Mar 2017 16:08:21 +0100 Subject: URL: return error on malformed URLs with junk after port number ... because it causes confusion with users. Example URLs: "http://[127.0.0.1]:11211:80" which a lot of languages' URL parsers will parse and claim uses port number 80, while libcurl would use port number 11211. "http://user@example.com:80@localhost" which by the WHATWG URL spec will be treated to contain user name 'user@example.com' but according to RFC3986 is user name 'user' for the host 'example.com' and then port 80 is followed by "@localhost" Both these formats are now rejected, and verified so in test 1260. Reported-by: Orange Tsai --- tests/data/Makefile.inc | 1 + tests/data/test1260 | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) create mode 100644 tests/data/test1260 (limited to 'tests/data') diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index 8251ab9a4..c51cc3595 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -129,6 +129,7 @@ test1228 test1229 test1230 test1231 test1232 test1233 test1234 test1235 \ test1236 test1237 test1238 test1239 test1240 test1241 test1242 test1243 \ test1244 test1245 test1246 test1247 test1248 test1249 test1250 test1251 \ test1252 test1253 test1254 test1255 test1256 test1257 test1258 test1259 \ +test1260 \ \ test1280 test1281 test1282 test1283 test1284 test1285 test1286 \ \ diff --git a/tests/data/test1260 b/tests/data/test1260 new file mode 100644 index 000000000..b5a0aef97 --- /dev/null +++ b/tests/data/test1260 @@ -0,0 +1,34 @@ + + + +HTTP +HTTP GET + + + +# Server-side + + + +# Client-side + + +none + + +HTTP URL with rubbish after port number + + +-g "http://[%HOSTIP]:%HTTPPORT:80/we/want/1260" "http://%HOSTIP:%HTTPPORT:80/we/want/1260" "http://user@example.com:80@localhost" + + + +# Verify data after the test has been "shot" + +# CURLE_URL_MALFORMAT == 3 + +3 + + + + -- cgit v1.2.3