cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: CURL SMTP - Bypass Authentication

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Wed, 26 Mar 2014 23:42:49 +0100 (CET)

On Wed, 26 Mar 2014, Steve Holme wrote:

> Does anyone have any views to whether supplying a username and password to a
> server that doesn't support authentication is a valid use case and should
> work as if no username/password had been supplied?

Could it be used by a malicious server to trick the client into giving away
its credentials in a way it wouldn't otherwise do it?

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Received on 2014-03-26

This message: [ Message body ]
Next message: Steve Holme: "RE: CURL SMTP - Bypass Authentication"
Previous message: Steve Holme: "RE: CURL SMTP - Bypass Authentication"
In reply to: Steve Holme: "RE: CURL SMTP - Bypass Authentication"
Next in thread: Steve Holme: "RE: CURL SMTP - Bypass Authentication"
Reply: Steve Holme: "RE: CURL SMTP - Bypass Authentication"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]