curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: Is it safe to use ":" as proxy user/pwd when none required ?

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Fri, 1 Jun 2018 23:39:41 +0200 (CEST)

On Tue, 29 May 2018, Nicolás Ojeda Bär wrote:

> My question is: is it safe to always pass ":" as proxy user/password, even
> in the case where no username/password is required? Do you see any issues
> with doing this? Unfortunately, I am not able to test this in the actual
> environment, which is why I am asking here.

It certainly is if you also ask for "any" auth, since then libcurl won't add
any auth header at all until the server asks for one. If you set explicit
NTLM auth, I suspect that will cause you problems at times.

-- 
  / daniel.haxx.se

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2018-06-01

This message: [ Message body ]
Next message: Daniel Stenberg: "Re: libcurl + ssh-agent authentication fails"
Previous message: Daniel Stenberg: "Re: should we really offer axTLS support ?"
Next in thread: Nicolás Ojeda Bär: "Re: Is it safe to use ":" as proxy user/pwd when none required ?"
Reply: Nicolás Ojeda Bär: "Re: Is it safe to use ":" as proxy user/pwd when none required ?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]