curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: "URLs are dangerous things"

From: Christian Schmitz <filemakerlists_at_monkeybreadsoftware.de>
Date: Tue, 6 Feb 2018 12:09:18 +0100

> Am 06.02.2018 um 08:24 schrieb Daniel Stenberg <daniel_at_haxx.se>:
>
> Hi friends,
> Letting users freely set the URL, or parts of the URL, for your curl-using application can get consequences.
>

Can we disallow login & password in URLs?
e.g. get an option to make perform fail with error, if there is a @ in the URL before domain?

And the Use SSL options being 3 would it fail with http:// URL?

Sincerely
Christian

-- 
Read our blog about news on our plugins:
http://www.mbsplugins.de/
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html
Received on 2018-02-06