curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: LDAP URL with a userinfo part

From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Mon, 13 Dec 2021 19:42:14 +0100 (CET)

On Mon, 13 Dec 2021, Howard Chu via curl-library wrote:

>> - Reject: before attempting connection.
>
> Probably this, since RFC 4516 doesn't specify that userinfo is valid in an
> LDAP URL. RFC 4516 seems to assume that if authentication is going to be
> done, it is configured elsewhere in a client and so doesn't need to be part
> of URLs themselves.

I agree. If the spec doesn't allow it and there's no history or other usage of
this in other (well known) applications, then rejecting such URLs as early as
possible seems like the right choice to me.

-- 
  / daniel.haxx.se
  | Commercial curl support up to 24x7 is available!
  | Private help, bug fixes, support, ports, new features
  | https://curl.se/support.html
-- 
Unsubscribe: https://lists.haxx.se/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html
Received on 2021-12-13