Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
How to stop bearer tokens leaking
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Stephen Booth via curl-library <curl-library_at_lists.haxx.se>
Date: Fri, 5 Nov 2021 09:43:53 +0000
If I use basic-auth the curl binary hides the credentials passed on the
command line from being seen using ps -1
Whats the best way of protecting bearer tokens in the same way?
AFAIK the only way of setting a bearer token is to use the generic -H flag
The only way I can see is to set the token via an options file (it would
have to be a physical file as I'm streaming data via stdin)
Stephen
Date: Fri, 5 Nov 2021 09:43:53 +0000
If I use basic-auth the curl binary hides the credentials passed on the
command line from being seen using ps -1
Whats the best way of protecting bearer tokens in the same way?
AFAIK the only way of setting a bearer token is to use the generic -H flag
The only way I can see is to set the token via an options file (it would
have to be a physical file as I'm streaming data via stdin)
Stephen
-- ====================================================================== |epcc| Dr Stephen P Booth Principal Architect |epcc| |epcc| s.booth_at_epcc.ed.ac.uk Phone 0131 650 5746 |epcc| ====================================================================== -- The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336. -- Unsubscribe: https://lists.haxx.se/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.htmlReceived on 2021-11-05