1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 16:48:49 -05:00

TODO/ROADMAP: remove "refuse downgrade redirects" and HTTP/3

HTTP3 is now already in full progress

Downgrade redirects can be achived almost exactly like that by setting
CURLOPT_REDIR_PROTOCOLS.
This commit is contained in:
Daniel Stenberg 2019-08-16 23:18:45 +02:00
parent 9dde627ce6
commit 7c31a8980c
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
2 changed files with 0 additions and 18 deletions

View File

@ -5,11 +5,6 @@ Roadmap of things Daniel Stenberg wants to work on next. It is intended to
serve as a guideline for others for information, feedback and possible
participation.
HTTP/3
------
See the [QUIC and HTTP/3 wiki page](https://github.com/curl/curl/wiki/QUIC).
ESNI (Encrypted SNI)
--------------------
@ -21,11 +16,6 @@ HSTS
Complete and merge [the existing PR](https://github.com/curl/curl/pull/2682).
Option to refuse HTTPS => HTTP redirects
----------------------------------------
Possibly as a new bit to `CURLOPT_FOLLOWLOCATION` ?
Option to let CURLOPT_CUSTOMREQUEST be overridden on redirect
-------------------------------------------------------------

View File

@ -74,7 +74,6 @@
5.3 Rearrange request header order
5.4 Allow SAN names in HTTP/2 server push
5.5 auth= in URLs
5.6 Refuse "downgrade" redirects
5.7 QUIC
6. TELNET
@ -616,13 +615,6 @@
Additionally this should be implemented for proxy base URLs as well.
5.6 Refuse "downgrade" redirects
See https://github.com/curl/curl/issues/226
Consider a way to tell curl to refuse to "downgrade" protocol with a redirect
and/or possibly a bit that refuses redirect to change protocol completely.
5.7 QUIC
The standardization process of QUIC has been taken to the IETF and can be