Re: "URLs are dangerous things"

On Tue, Feb 06, 2018 at 08:24:41AM +0100, Daniel Stenberg wrote: > Every now and then we get security problems reported to us that are really > just various types of attacks you can do if you can either A) modify the url > your curl application is using and/or B) have a server respond with a >

Re: "URLs are dangerous things"

> Am 06.02.2018 um 08:24 schrieb Daniel Stenberg : > > Hi friends, > Letting users freely set the URL, or parts of the URL, for your curl-using > application can get consequences. > Can we disallow login & password in URLs? e.g. get an option to make perform fail with error,

AW: Issue with Outputting CURL Verbose Info to a File

Hi, > but it never seems to output anything to the file try passing a FILE * to the curl_easy_setopt instead of a FILE &. Best Regards Patrick --- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette:

Issue with Outputting CURL Verbose Info to a File

Hi All, I seem to be running into a problem when trying to output the verbose info to a file. I have set it up to send using curl_easy_setopt(curl, CURLOPT, file) as it shows on the website (the first 2 links below) but it never seems to output anything to the file. I looked further into this

Re: "URLs are dangerous things"

On Tue, Feb 6, 2018 at 4:52 AM Daniel Stenberg wrote: > On Tue, 6 Feb 2018, Christian Schmitz wrote: > > > Can we disallow login & password in URLs? e.g. get an option to make > perform > > fail with error, if there is a @ in the URL before domain? > > That seems like it should

Re: "URLs are dangerous things"

On Tue, 6 Feb 2018, Christian Schmitz wrote: Can we disallow login & password in URLs? e.g. get an option to make perform fail with error, if there is a @ in the URL before domain? That seems like it should be a pretty straight forward thing to add, sure! But in the context of "dangerous