Stephan Bergmann made libcurl return CURLE_URL_MALFORMAT if an FTP URL

contains %0a or %0d in the user, password or CWD parts. (A future fix would include doing it for %00 as well - see KNOWN_BUGS for details.) Test case 225 and 226 were added to verify this
author: Daniel Stenberg <daniel@haxx.se> 2005-01-19 21:56:02 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2005-01-19 21:56:02 +0000
commit: 3050ae57c0ad3a071448fb36b5d5d720910d5d00 (patch)
tree: d6fd66121b8ff195076268bf8da8ab49cd037493 /CHANGES
parent: 01205f772c4fde121787ec59737ad079f1b00bd7 (diff)
download: curl-3050ae57c0ad3a071448fb36b5d5d720910d5d00.tar.gz
1 files changed, 7 insertions, 1 deletions
diff --git a/CHANGES b/CHANGES
index bedab831c..5959147f6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -8,12 +8,18 @@
 
 
 Daniel (19 January 2005)
+- Stephan Bergmann made libcurl return CURLE_URL_MALFORMAT if an FTP URL
+  contains %0a or %0d in the user, password or CWD parts. (A future fix would
+  include doing it for %00 as well - see KNOWN_BUGS for details.) Test case
+  225 and 226 were added to verify this
+
 - Stephan Bergmann pointed out two flaws in libcurl built with HTTP disabled:
 
   1) the proxy environment variables are still read and used to set HTTP proxy
 
   2) you couldn't disable http proxy with CURLOPT_PROXY (since the option was
-     disabled)
+     disabled). This is important since apps may want to disable HTTP proxy
+     without actually knowing if libcurl was built to disable HTTP or not.
 
   Based on Stephan's patch, both these issues should now be fixed.
author	Daniel Stenberg <daniel@haxx.se>	2005-01-19 21:56:02 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2005-01-19 21:56:02 +0000
commit	3050ae57c0ad3a071448fb36b5d5d720910d5d00 (patch)
tree	d6fd66121b8ff195076268bf8da8ab49cd037493 /CHANGES
parent	01205f772c4fde121787ec59737ad079f1b00bd7 (diff)
download	curl-3050ae57c0ad3a071448fb36b5d5d720910d5d00.tar.gz