On Mon, 8 Jun 2009, Michal Marek wrote:

GET ftp://localhost/file HTTP/1.1
Authorization: Basic bHVzZXI6cG9rdXM=

and fails at least with squid, because the proxy ignores Authorization: for ftp.

$ curl -v -x localhost:3128  ftp://luser:po...@localhost/file
does
GET ftp://luser:po...@localhost/file HTTP/1.1

and works fine.

Maybe this is a squid bug, but I didn't find anything relevant in the RFCs. The question is: does it make sense for libcurl to insert the username:password into the url when doing ftp via a proxy? Attached is an incomplete patch doing this.

Non-HTTP protocols over HTTP proxies is an area outside of all the specs so it's not really possible to tell who's right or wrong here. Squid is a widely used proxy so that should be reason enough for us to seriously consider this.

The only thing I fear is that there's another proxy out there with the reversed preference...

--

 / daniel.haxx.se

Reply via email to