Thanks Daniel. I cannot think of a real world case for such long user
name and password. The problem was reported in a test case. I just
want to confirm it is a limitation in curl, not web server.
By saying that, it is always nice to remove this limit.
Thanks
Lin Chen
Genesys Telecommunications Laboratories Inc.
1380 Rodick Road, Suite 200
Markham, Ontario L3R 4G5
DID: (905) 968-3361
Main Tel.: (905) 968-3300 Fax: (905) 968-3400
-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of Daniel Stenberg
Sent: Friday, February 10, 2012 4:44 PM
To: libcurl development
Subject: Re: Authentication: header
On Fri, 10 Feb 2012, Lin Chen wrote:
> I am using curl 7.23. I can use it to send Authentication: Basic if
the
> username and password size adds together is not longer than 506
characters.
> Once the total size of username and passwords exceeds 506 characters,
I got
> 401 error from the application server. I am wondering if curl has
limit in
> generating the Authentication: Basic header?
Yes it does! It in fact limits both user name and password to no more
than 255
bytes each. (See the MAX_CURL_* defines in lib/urldata.h around line
1080 or
so.)
I'm sure we could get rid of the limit (assuming someone put some effort
into
it) or at least bump it something higher, but are you seriously having a
real
world use case with that long data?
--
/ daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
