Mailing Lists

curl-tracker Archives

[curl:bugs] #1421 Custom Authorization is sent with CURLOPT_UNRESTRICTED_AUTH

From: lietus <lietus2_at_users.sf.net>
Date: Wed, 03 Sep 2014 13:16:48 +0000

---
** [bugs:#1421] Custom Authorization is sent with CURLOPT_UNRESTRICTED_AUTH**
**Status:** open
**Labels:** Authorization CURLOPT_UNRESTRICTED_AUTH 
**Created:** Wed Sep 03, 2014 01:16 PM UTC by lietus
**Last Updated:** Wed Sep 03, 2014 01:16 PM UTC
**Owner:** nobody
Hi,
-----
Reproduce with:
Setup: 
    curl_easy_setopt (m_curl, CURLOPT_FOLLOWLOCATION, 1);
    curl_easy_setopt (m_curl, CURLOPT_UNRESTRICTED_AUTH, 0L);
    Authorization header set with CURLOPT_HTTPHEADER
Case: 
    HttpStatus Found with redirect to different host
Result: 
    Authorization header is sent to different host
Expected: 
    (fails) Authorization header is not sent when redirecting to different host
-----
This does not seem to be by design. We are using token based authorization, so curl API for setting USERNAME and PASSWORD authentication cannot be used.
Related code: 
http.c(717): result = output_auth_headers(conn, authhost, request, path, FALSE);
Thanks
---
Sent from sourceforge.net because curl-tracker@cool.haxx.se is subscribed to https://sourceforge.net/p/curl/bugs/
To unsubscribe from further messages, a project admin can change settings at https://sourceforge.net/p/curl/admin/bugs/options.  Or, if this is a mailing list, you can unsubscribe from the mailing list.

Received on 2014-09-03

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

These mail archives are generated by hypermail.