Download
Browse source Changelog tiny-curl
Documentation
Project   Bug Bounty FAQ   Help us   Known bugs   TODO Protocols   CA bundle   HTTP Cookies   HTTP/2   SSL Certs Releases   Security   Version numbers   Vulnerabilities curl tool   man page   Tutorial   HTTP scripting Videos Who and Why
libcurl
ABI API Competitors Examples Features Mailing list Related libs Using libcurl Tutorial Testimonials
Get Help
curl-library curl-users IRC / chat Mailing lists Everything curl [book] Video presentations Report a bug Paid support
Development
Autobuilds Code review Code style Contribute Dashboard Deprecate Internals Release Notes Release Procedure Roadmap Run Tests Security Process Specifications Test curl
News
Changelog Release table
curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Do not display password value in verbose output

From: Daniel F via curl-library <curl-library_at_lists.haxx.se>
Date: Mon, 21 Nov 2022 16:56:43 +0100

W dniu 2022-11-21 16:50, Daniel Stenberg via curl-library napisaƂ(a):
> On Mon, 21 Nov 2022, Darius Panahy via curl-library wrote:
>
>> Whilst verbose output (CURLOPT_VERBOSE ) is useful, it also writes out
>> the password value in clear. Can this be prevented or configured to
>> mask the password?
>
> That will be difficult as some of that showing is protcol data it
> shows verbatim. But I'm open for ideas.
>
> --
>
> / daniel.haxx.se
> | Commercial curl support up to 24x7 is available!
> | Private help, bug fixes, support, ports, new features
> | https://curl.se/support.html

This would require some protocol data parsing to detect and mask
well-known things used to send passwords, e.g. Authorization HTTP
header. 

-- 
Regards,
Daniel
-- 
Unsubscribe: https://lists.haxx.se/listinfo/curl-library
Etiquette:   https://curl.se/mail/etiquette.html
Received on 2022-11-21