On Tue, Feb 06, 2018 at 08:24:41AM +0100, Daniel Stenberg wrote:
> Every now and then we get security problems reported to us that are really
> just various types of attacks you can do if you can either A) modify the url
> your curl application is using and/or B) have a server respond with a
>
> Am 06.02.2018 um 08:24 schrieb Daniel Stenberg :
>
> Hi friends,
> Letting users freely set the URL, or parts of the URL, for your curl-using
> application can get consequences.
>
Can we disallow login & password in URLs?
e.g. get an option to make perform fail with error,
Hi,
> but it never seems to output anything to the file
try passing a FILE * to the curl_easy_setopt instead of a FILE &.
Best Regards
Patrick
---
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:
Hi All,
I seem to be running into a problem when trying to output the verbose info
to a file. I have set it up to send using curl_easy_setopt(curl, CURLOPT,
file) as it shows on the website (the first 2 links below) but it never
seems to output anything to the file. I looked further into this
On Tue, Feb 6, 2018 at 4:52 AM Daniel Stenberg wrote:
> On Tue, 6 Feb 2018, Christian Schmitz wrote:
>
> > Can we disallow login & password in URLs? e.g. get an option to make
> perform
> > fail with error, if there is a @ in the URL before domain?
>
> That seems like it should
On Tue, 6 Feb 2018, Christian Schmitz wrote:
Can we disallow login & password in URLs? e.g. get an option to make perform
fail with error, if there is a @ in the URL before domain?
That seems like it should be a pretty straight forward thing to add, sure!
But in the context of "dangerous