diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2018-06-13 11:24:34 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2018-06-13 11:24:34 +0200 |
| commit | 54066f5d09dce2c96ddda6e25f33cf8fa5d50801 (patch) | |
| tree | f401821ba3d7b47ecfec9b053d6df5c1b511b29d | |
| parent | a0f9670ec9caff9fcf4afe2e47904aa143d3b5aa (diff) | |
| download | curl-54066f5d09dce2c96ddda6e25f33cf8fa5d50801.tar.gz | |
TODO: "Option to refuse usernames in URLs" done
Implemented by Björn in 946ce5b61f
| -rw-r--r-- | docs/TODO | 11 |
1 files changed, 0 insertions, 11 deletions
@@ -17,7 +17,6 @@ All bugs documented in the KNOWN_BUGS document are subject for fixing! 1. libcurl - 1.1 Option to refuse usernames in URLs 1.2 More data sharing 1.3 struct lifreq 1.4 signal-based resolver timeouts @@ -189,16 +188,6 @@ 1. libcurl -1.1 Option to refuse usernames in URLs - - There's a certain risk for application in allowing user names in URLs. For - example: if the wrong person gets to set the URL and manages to set a user - name in there when .netrc is used, the application may send along a password - that otherwise the person couldn't provide. - - A new libcurl option could be added to allow applications to switch off this - feature and thus avoid a potential risk. - 1.2 More data sharing curl_share_* functions already exist and work, and they can be extended to |