delta/curl.git/tests/data, branch bagder/test493-https github.com: bagder/curl.git test 493: require https in curl to run 2021-04-20T07:38:31+00:00 Daniel Stenberg daniel@haxx.se 2021-04-20T07:38:31+00:00 e2f8d4bf69deeac781a737f7ae09d3f23cd8e7f7 






hsts: enable by default
2021-04-19T06:22:16+00:00

Daniel Stenberg
daniel@haxx.se

2021-03-08T07:30:32+00:00

d71ff2b9db566b3f4b2eb29441c2df86715d4339

No longer considered experimental.

Closes #6700





No longer considered experimental.

Closes #6700







test972: verify the json output with jsonlint
2021-04-17T09:03:40+00:00

Daniel Stenberg
daniel@haxx.se

2021-04-16T21:53:22+00:00

6fc805d0c1f82363836f1c6199cebdd3c41cbc5b

Make sure one of the azure jobs has jsonlint installed so that the test
runs there.

Ref: #6905





Make sure one of the azure jobs has jsonlint installed so that the test
runs there.

Ref: #6905







tool_writeout: fix the HTTP_CODE json output
2021-04-17T09:03:30+00:00

Jay Satiro
raysatiro@yahoo.com

2021-04-16T22:34:48+00:00

2f78be51ebe8578bce5469924cedf7ac8bc06a85

Update test 970 accordingly.

Reported-by: Michal Rus
Fixes #6905
Closes #6906





Update test 970 accordingly.

Reported-by: Michal Rus
Fixes #6905
Closes #6906







tool_getparam: replace (in-place) '%20' by '+' according to RFC1866
2021-04-15T11:45:12+00:00

Victor Vieux
victorvieux@gmail.com

2021-04-15T04:45:21+00:00

0d7c55bd57ffd5fedb5862e123673d35704b58ac

Signed-off-by: Victor Vieux <victorvieux@gmail.com>

Closes #6895





Signed-off-by: Victor Vieux <victorvieux@gmail.com>

Closes #6895







cookie: CURLOPT_COOKIEFILE set to NULL switches off cookies
2021-04-14T21:09:36+00:00

Daniel Stenberg
daniel@haxx.se

2021-04-14T07:15:19+00:00

520bd5225c70a5c4cceee08f1aa7447eb0ec6653

Add test 676 to verify that setting CURLOPT_COOKIEFILE to NULL again clears
the cookiejar from memory.

Reported-by: Stefan Karpinski
Fixes #6889
Closes #6891





Add test 676 to verify that setting CURLOPT_COOKIEFILE to NULL again clears
the cookiejar from memory.

Reported-by: Stefan Karpinski
Fixes #6889
Closes #6891







ntlm: fix negotiated flags usage
2021-04-09T07:40:56+00:00

Patrick Monnerat
patrick@monnerat.net

2021-04-06T17:32:21+00:00

9c1e1a6105f34ffe3b5a16e874a92c9558ddbd96

According to Microsoft document MS-NLMP, current flags usage is not
accurate: flag NTLMFLAG_NEGOTIATE_NTLM2_KEY controls the use of
extended security in an NTLM authentication message and NTLM version 2
cannot be negotiated within the protocol.

The solution implemented here is: if the extended security flag is set,
prefer using NTLM version 2 (as a server featuring extended security
should also support version 2). If version 2 has been disabled at
compile time, use extended security.

Tests involving NTLM are adjusted to this new behavior.

Fixes #6813
Closes #6849





According to Microsoft document MS-NLMP, current flags usage is not
accurate: flag NTLMFLAG_NEGOTIATE_NTLM2_KEY controls the use of
extended security in an NTLM authentication message and NTLM version 2
cannot be negotiated within the protocol.

The solution implemented here is: if the extended security flag is set,
prefer using NTLM version 2 (as a server featuring extended security
should also support version 2). If version 2 has been disabled at
compile time, use extended security.

Tests involving NTLM are adjusted to this new behavior.

Fixes #6813
Closes #6849







http_proxy: only loop on 407 + close if we have credentials
2021-04-05T20:49:07+00:00

Daniel Stenberg
daniel@haxx.se

2021-04-05T10:11:30+00:00

605aa03ac198e049e6779df5ccc433b0934e40aa

... to fix the retry-loop.

Add test 718 to verify.

Reported-by: Daniel Kurečka
Fixes #6828
Closes #6850





... to fix the retry-loop.

Add test 718 to verify.

Reported-by: Daniel Kurečka
Fixes #6828
Closes #6850







file: support GETing directories again
2021-04-05T10:22:07+00:00

Luke Granger-Brown
git@lukegb.com

2021-04-03T19:12:48+00:00

6d930d730600771f15ab048a123f253ce4751786

After 957bc1881e686f9714c4e6a01bf33535091f0e21, we no longer compute an
expected_size for directories. This has the upshot that when we compare
even an empty Range with the available size, we fail.

This brings back the previous behaviour, which was to succeed, but with
empty content. This also removes the "Accept-ranges: bytes" header,
which is nonsensical on directories.

Adds test 3016
Fixes #6845
Closes #6846





After 957bc1881e686f9714c4e6a01bf33535091f0e21, we no longer compute an
expected_size for directories. This has the upshot that when we compare
even an empty Range with the available size, we fail.

This brings back the previous behaviour, which was to succeed, but with
empty content. This also removes the "Accept-ranges: bytes" header,
which is nonsensical on directories.

Adds test 3016
Fixes #6845
Closes #6846







transfer: strip credentials from the auto-referer header field
2021-03-28T21:19:55+00:00

Viktor Szakats
commit@vsz.me

2021-02-23T13:54:46+00:00

7214288898f5625a6cc196e22a74232eada7861c

Added test 2081 to verify.

CVE-2021-22876

Bug: https://curl.se/docs/CVE-2021-22876.html





Added test 2081 to verify.

CVE-2021-22876

Bug: https://curl.se/docs/CVE-2021-22876.html