New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Regression 8.2.0: Basic authentication does not follow with -L #11486
Labels
Comments
CloudoguSiebels
added a commit
to cloudogu/gitops-playground
that referenced
this issue
Jul 20, 2023
We were successfully uploading and installing the plugin and then following the redirect to the progress page. However, curl was removing the basic authentication. As a result, we were encountering error 403 for the redirect, not for the upload. This is a bug in curl: curl/curl#11486 Therefore, we temporarily replaced -L with --location-trusted for jenkins
Regression caused by dd4d1a2 |
bagder
added a commit
that referenced
this issue
Jul 20, 2023
Makes test 979 work Fixes #11486 Reported-by: Cloudogu Siebels
Is this one worth a point release?
|
Doh! I should have kept reading my e-mail backlog...
|
Thank you for fixing this so quickly! :) |
CloudoguSiebels
added a commit
to cloudogu/gitops-playground
that referenced
this issue
Jul 26, 2023
A bug in curl (curl/curl#11486) broke the jenkins plugin installation. We introduced a workaround in 16300de. A fix for curl is released and we can remove the workaround now.
ptitSeb
pushed a commit
to wasix-org/curl
that referenced
this issue
Sep 25, 2023
Makes test 979 work. Regression shipped in 8.2.0 from commit dd4d1a2 Fixes curl#11486 Reported-by: Cloudogu Siebels Closes curl#11492
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I did this
I have the following small PHP script that redirects to itself and display the basic authentication user.
I start this server using
php -S 0.0.0.0:8080
.Then I request the url with basic auth and follow redirects. I use docker to specify the curl version:
With curl 8.1.2 it works:
Note that when using
--location-trusted
it works as expected.When specifying a relative
Location
header without protocol or host, it works as well.I expected the following
No change between 8.1.2 and 8.2.0.
I expected that the
Authorization
header is passed to all requests when following with-L
.curl/libcurl version
operating system
Probably irrelevant as I'm using the docker image to reproduce.
The text was updated successfully, but these errors were encountered: