option: disallow username in URL (946ce5b6) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP curl

docs/cmdline-opts/disallow-username-in-url.d

0 → 100644

+7 −0

Original line number	Diff line number	Diff line
		Long: disallow-username-in-url
		Help: Disallow username in url
		Protocols: HTTP
		Added: 7.61.0
		See-also: proto
		---
		This tells curl to exit if passed a url containing a username.

docs/libcurl/curl_easy_setopt.3

+2 −0

Original line number	Diff line number	Diff line
		@@ -258,6 +258,8 @@ HTTP proxy authentication methods. See \fICURLOPT_PROXYAUTH(3)\fP
		Enable SASL initial response. See \fICURLOPT_SASL_IR(3)\fP
		.IP CURLOPT_XOAUTH2_BEARER
		OAuth2 bearer token. See \fICURLOPT_XOAUTH2_BEARER(3)\fP
		.IP CURLOPT_DISALLOW_USERNAME_IN_URL
		Don't allow username in URL. See \fICURLOPT_DISALLOW_USERNAME_IN_URL(3)\fP
		.SH HTTP OPTIONS
		.IP CURLOPT_AUTOREFERER
		Automatically set Referer: header. See \fICURLOPT_AUTOREFERER(3)\fP

docs/libcurl/opts/CURLOPT_DISALLOW_USERNAME_IN_URL.3

0 → 100644

+56 −0

Original line number	Diff line number	Diff line
		.\" **************************************************************************
		.\" * _ _ ____ _
		.\" * Project ___\| \| \| \| _ \\| \|
		.\" * / __\| \| \| \| \|_) \| \|
		.\" * \| (__\| \|_\| \| _ <\| \|___
		.\" * \___\|\___/\|_\| \_\_____\|
		.\" *
		.\" * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
		.\" *
		.\" * This software is licensed as described in the file COPYING, which
		.\" * you should have received as part of this distribution. The terms
		.\" * are also available at https://curl.haxx.se/docs/copyright.html.
		.\" *
		.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
		.\" * copies of the Software, and permit persons to whom the Software is
		.\" * furnished to do so, under the terms of the COPYING file.
		.\" *
		.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
		.\" * KIND, either express or implied.
		.\" *
		.\" **************************************************************************
		.\"
		.TH CURLOPT_DISALLOW_USERNAME_IN_URL 3 "30 May 2018" "libcurl 7.61.0" "curl_easy_setopt options"
		.SH NAME
		CURLOPT_DISALLOW_USERNAME_IN_URL \- disallow specifying username in the url
		.SH SYNOPSIS
		#include <curl/curl.h>

		CURLcode curl_easy_setopt(CURL *handle, CURLOPT_DISALLOW_USERNAME_IN_URL, long disallow);
		.SH DESCRIPTION
		A long parameter set to 1 tells the library to not allow URLs that include a
		username.
		.SH DEFAULT
		0 (disabled) - user names are allowed by default.
		.SH PROTOCOLS
		Several
		.SH EXAMPLE
		.nf
		CURL *curl = curl_easy_init();
		if(curl) {

		curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
		curl_easy_setopt(curl, CURLOPT_DISALLOW_USERNAME_IN_URL, 1L);

		curl_easy_perform(curl);
		}
		.fi
		.SH AVAILABILITY
		Added in libcurl 7.61.0
		.SH RETURN VALUE
		Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.

		curl_easy_perform() will return CURLE_LOGIN_DENIED if this option is enabled
		and a URL containing a username is specified.
		.SH "SEE ALSO"
		.BR libcurl-security "(3), ", CURLOPT_PROTOCOLS "(3)"

docs/libcurl/opts/Makefile.inc

+1 −0

Original line number	Diff line number	Diff line
		@@ -114,6 +114,7 @@ man_MANS = \
		CURLOPT_DEBUGFUNCTION.3 \
		CURLOPT_DEFAULT_PROTOCOL.3 \
		CURLOPT_DIRLISTONLY.3 \
		CURLOPT_DISALLOW_USERNAME_IN_URL.3 \
		CURLOPT_DNS_CACHE_TIMEOUT.3 \
		CURLOPT_DNS_INTERFACE.3 \
		CURLOPT_DNS_LOCAL_IP4.3 \

docs/libcurl/symbols-in-versions

+1 −0

Original line number	Diff line number	Diff line
		@@ -376,6 +376,7 @@ CURLOPT_DEBUGDATA 7.9.6
		CURLOPT_DEBUGFUNCTION 7.9.6
		CURLOPT_DEFAULT_PROTOCOL 7.45.0
		CURLOPT_DIRLISTONLY 7.17.0
		CURLOPT_DISALLOW_USERNAME_IN_URL 7.61.0
		CURLOPT_DNS_CACHE_TIMEOUT 7.9.3
		CURLOPT_DNS_INTERFACE 7.33.0
		CURLOPT_DNS_LOCAL_IP4 7.33.0

Admin message