curl-library
Re: http proxies and ftp passwords
Date: Tue, 9 Jun 2009 00:12:21 +0200 (CEST)
On Mon, 8 Jun 2009, Michal Marek wrote:
>> GET ftp://localhost/file HTTP/1.1
>> Authorization: Basic bHVzZXI6cG9rdXM=
>
> and fails at least with squid, because the proxy ignores Authorization: for
> ftp.
>
> $ curl -v -x localhost:3128 ftp://luser:pokus@localhost/file
> does
>> GET ftp://luser:pokus@localhost/file HTTP/1.1
>
> and works fine.
>
> Maybe this is a squid bug, but I didn't find anything relevant in the RFCs.
> The question is: does it make sense for libcurl to insert the
> username:password into the url when doing ftp via a proxy? Attached is an
> incomplete patch doing this.
Non-HTTP protocols over HTTP proxies is an area outside of all the specs so
it's not really possible to tell who's right or wrong here. Squid is a widely
used proxy so that should be reason enough for us to seriously consider this.
The only thing I fear is that there's another proxy out there with the
reversed preference...
-- / daniel.haxx.seReceived on 2009-06-09