curl-users

Re: Too revealing user-agent field?

From: Tim Tassonis <timtas_at_cubic.ch>
Date: Wed, 13 Jun 2007 16:44:26 +0200

Hi Daniel

Daniel Stenberg wrote:
> Is it?
>
> At least one FreeBSD user seems to think so:
>
> http://www.freebsd.org/cgi/query-pr.cgi?pr=112555
>
> Any opinions on this here?
>

I like the User-Agent string to contain this much info, and standard
Apache basically does the same, including information about mod_php,
mod_ssl, mod_perl and all.

I would stay as verbose as now and leave it to the hardening/security
review guys to fix this gaping security hole by specifying "-A
whatever", or putting

User-Agent: whatever

into .curlrc

We don't want to get them out of business, do we?

Tim
Received on 2007-06-13