Package: curl Version: 7.64.0-4+deb10u1 Severity: minor Dear Maintainer,
I was testing a website which responded on HTTP/2 and had trouble finding the HTTP response status code. I noticed that the HTTP response status code was not on its own line. I was expecting it to be/have its own line. I have tested this on testing with curl 7.72.0 - No improvements. Here's the example, on stable: dsusman@fgx-laptop:~$ curl -v https://www.southbeachofficial.com -o /dev/null * Expire in 0 ms for 6 (transfer 0x55edba67bf70) * Expire in 1 ms for 1 (transfer 0x55edba67bf70) % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Expire in 0 ms for 1 (transfer 0x55edba67bf70) * Expire in 2 ms for 1 (transfer 0x55edba67bf70) * Expire in 0 ms for 1 (transfer 0x55edba67bf70) * Expire in 0 ms for 1 (transfer 0x55edba67bf70) * Expire in 2 ms for 1 (transfer 0x55edba67bf70) * Expire in 0 ms for 1 (transfer 0x55edba67bf70) * Expire in 0 ms for 1 (transfer 0x55edba67bf70) * Expire in 2 ms for 1 (transfer 0x55edba67bf70) * Expire in 0 ms for 1 (transfer 0x55edba67bf70) * Expire in 0 ms for 1 (transfer 0x55edba67bf70) * Expire in 2 ms for 1 (transfer 0x55edba67bf70) * Expire in 1 ms for 1 (transfer 0x55edba67bf70) * Expire in 1 ms for 1 (transfer 0x55edba67bf70) * Expire in 2 ms for 1 (transfer 0x55edba67bf70) * Expire in 1 ms for 1 (transfer 0x55edba67bf70) * Expire in 1 ms for 1 (transfer 0x55edba67bf70) * Expire in 2 ms for 1 (transfer 0x55edba67bf70) * Expire in 1 ms for 1 (transfer 0x55edba67bf70) * Expire in 1 ms for 1 (transfer 0x55edba67bf70) * Expire in 2 ms for 1 (transfer 0x55edba67bf70) * Expire in 2 ms for 1 (transfer 0x55edba67bf70) * Expire in 2 ms for 1 (transfer 0x55edba67bf70) * Expire in 2 ms for 1 (transfer 0x55edba67bf70) * Expire in 2 ms for 1 (transfer 0x55edba67bf70) * Expire in 2 ms for 1 (transfer 0x55edba67bf70) * Expire in 3 ms for 1 (transfer 0x55edba67bf70) * Trying 104.26.15.56... * TCP_NODELAY set * Expire in 149995 ms for 3 (transfer 0x55edba67bf70) * Expire in 200 ms for 4 (transfer 0x55edba67bf70) * Connected to www.southbeachofficial.com (104.26.15.56) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs } [5 bytes data] * TLSv1.3 (OUT), TLS handshake, Client hello (1): } [512 bytes data] * TLSv1.3 (IN), TLS handshake, Server hello (2): { [122 bytes data] * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8): { [19 bytes data] * TLSv1.3 (IN), TLS handshake, Certificate (11): { [2238 bytes data] * TLSv1.3 (IN), TLS handshake, CERT verify (15): { [79 bytes data] * TLSv1.3 (IN), TLS handshake, Finished (20): { [52 bytes data] * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1): } [1 bytes data] * TLSv1.3 (OUT), TLS handshake, Finished (20): } [52 bytes data] * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server accepted to use h2 * Server certificate: * subject: C=US; ST=CA; L=San Francisco; O=Cloudflare, Inc.; CN=sni.cloudflaressl.com * start date: Jul 30 00:00:00 2020 GMT * expire date: Jul 30 12:00:00 2021 GMT * subjectAltName: host "www.southbeachofficial.com" matched cert's "*.southbeachofficial.com" * issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3 * SSL certificate verify ok. * Using HTTP2, server supports multi-use * Connection state changed (HTTP/2 confirmed) * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0 } [5 bytes data] * Using Stream ID: 1 (easy handle 0x55edba67bf70) } [5 bytes data] > GET / HTTP/2 > Host: www.southbeachofficial.com > User-Agent: curl/7.64.0 > Accept: */* > { [5 bytes data] * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): { [230 bytes data] * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): { [230 bytes data] * old SSL session ID is stale, removing { [5 bytes data] * Connection state changed (MAX_CONCURRENT_STREAMS == 256)! } [5 bytes data] 0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0< HTTP/2 200 <<<<<<<<-------------- The HTTP/2 response status code should have been below this line. < date: Thu, 03 Sep 2020 11:41:56 GMT < content-type: text/html; charset=UTF-8 < set-cookie: __cfduid=dd91e9ddaa9790284374020661682fc971599133314; expires=Sat, 03-Oct-20 11:41:54 GMT; path=/; domain=.southbeachofficial.com; HttpOnly; SameSite=Lax < set-cookie: PHPSESSID=l7v652csa3g0e6mquf467kovo6; expires=Thu, 03-Sep-2020 12:41:55 GMT; Max-Age=3600; path=/; domain=www.southbeachofficial.com; secure; HttpOnly < pragma: no-cache < cache-control: max-age=0, must-revalidate, no-cache, no-store < expires: Tue, 03 Sep 2019 10:28:57 GMT < content-security-policy-report-only: font-src 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net 'self' 'unsafe-inline'; frame-ancestors 'self' 'unsafe-inline'; frame-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com js.stripe.com m.stripe.com x.klarnacdn.net klarna.com 'self' 'unsafe-inline'; img-src widgets.magentocommerce.com www.googleadservices.com www.google-analytics.com t.paypal.com www.paypal.com www.paypalobjects.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com s.ytimg.com 'self' 'unsafe-inline'; script-src assets.adobedtm.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com www.googleadservices.com www.google-analytics.com secure.authorize.net test.authorize.net www.paypal.com www.sandbox.paypal.com www.paypalobjects.com t.paypal.com s.ytimg.com video.google.com vimeo.com www.vimeo.com js.authorize.net jstest.authorize.net js.braintreegateway.com cdn-scripts.signifyd.com www.youtube.com js.stripe.com m.stripe.com x.klarnacdn.net klarna.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src getfirebug.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com js.stripe.com m.stripe.com x.klarnacdn.net klarna.com 'self' 'unsafe-inline'; child-src 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; < strict-transport-security: max-age=31536000 < content-security-policy: upgrade-insecure-requests; < x-content-type-options: nosniff < x-xss-protection: 1; mode=block < x-frame-options: SAMEORIGIN < vary: Accept-Encoding < cf-cache-status: DYNAMIC < cf-request-id: 04f55f07b00000d7d9d827f200000001 < expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" < server: cloudflare < cf-ray: 5ccf3452b93ed7d9-EZE < { [571 bytes data] 100 74836 0 74836 0 0 42520 0 --:--:-- 0:00:01 --:--:-- 42496 * Connection #0 to host www.southbeachofficial.com left intact dsusman@fgx-laptop:~$ Thank you. Best regards, Dario Susman -- System Information: Debian Release: 10.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-10-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages curl depends on: ii libc6 2.28-10 ii libcurl4 7.64.0-4+deb10u1 ii zlib1g 1:1.2.11.dfsg-1 curl recommends no packages. curl suggests no packages. -- no debconf information