diff options
Diffstat (limited to 'docs/libcurl/opts/CURLOPT_URL.3')
-rw-r--r-- | docs/libcurl/opts/CURLOPT_URL.3 | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/docs/libcurl/opts/CURLOPT_URL.3 b/docs/libcurl/opts/CURLOPT_URL.3 index e33d866bf..aaac06119 100644 --- a/docs/libcurl/opts/CURLOPT_URL.3 +++ b/docs/libcurl/opts/CURLOPT_URL.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. +.\" * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -88,8 +88,8 @@ security concerns: If you have an application that runs as or in a server application, getting an unfiltered URL can easily trick your application to access a local resource -instead of a remote. Protecting yourself against localhost accesses is very -hard when accepting user provided URLs. +instead of a remote. Protecting yourself against localhost accesses is hard +when accepting user provided URLs. Such custom URLs can also access other ports than you planned as port numbers are part of the regular URL format. The combination of a local host and a |