TODO: 1.1 Option to refuse usernames in URLs

Also expanded the CURL_REFUSE_CLEARTEXT section with more ideas.
2024-11-18 07:25:14 -05:00 · 2018-02-16 09:39:20 +01:00 · 2018-02-16 09:39:20 +01:00 · f549b2cefe
commit f549b2cefe
parent 74b1f89b1a
1 changed files with 17 additions and 0 deletions
--- a/docs/TODO
+++ b/docs/TODO
@ -17,6 +17,7 @@
 All bugs documented in the KNOWN_BUGS document are subject for fixing!

 1. libcurl
+ 1.1 Option to refuse usernames in URLs
 1.2 More data sharing
 1.3 struct lifreq
 1.4 signal-based resolver timeouts
@ -186,6 +187,16 @@

 1. libcurl

+1.1 Option to refuse usernames in URLs
+
+ There's a certain risk for application in allowing user names in URLs. For
+ example: if the wrong person gets to set the URL and manages to set a user
+ name in there when .netrc is used, the application may send along a password
+ that otherwise the person couldn't provide.
+
+ A new libcurl option could be added to allow applications to switch off this
+ feature and thus avoid a potential risk.
+
 1.2 More data sharing

 curl_share_* functions already exist and work, and they can be extended to
@ -403,6 +414,12 @@
 variable can then help users to block all libcurl-using programs from
 accessing the network using unsafe protocols.

+ The variable could be given some sort of syntax or different levels and be
+ used to also allow for example users to refuse libcurl to do transfers with
+ HTTPS certificate checks disabled.
+
+ It could also offer to refuse usernames in URLs (see TODO 1.1)
+
 1.27 hardcode the "localhost" addresses

 There's this new spec getting adopted that says "localhost" should always and