1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-18 07:25:14 -05:00
Commit Graph

1472 Commits

Author SHA1 Message Date
Daniel Stenberg
7f7fcd0d75 cookies: first n/v pair in Set-Cookie: is the cookie, then parameters
RFC 6265 section 4.1.1 spells out that the first name/value pair in the
header is the actual cookie name and content, while the following are
the parameters.

libcurl previously had a more liberal approach which causes significant
problems when introducing new cookie parameters, like the suggested new
cookie priority draft.

The previous logic read all n/v pairs from left-to-right and the first
name used that wassn't a known parameter name would be used as the
cookie name, thus accepting "Set-Cookie: Max-Age=2; person=daniel" to be
a cookie named 'person' while an RFC 6265 compliant parser should
consider that to be a cookie named 'Max-Age' with an (unknown) parameter
'person'.

Fixes #709
2016-03-10 11:26:12 +01:00
Tim Rühsen
c140bd7891 cookie: do not refuse cookies for localhost
Closes #658
2016-03-08 15:27:43 +01:00
Daniel Stenberg
e6293cf876 test46: change cookie expiry date
Since two of the cookies would now otherwise expire and cause the test
to fail after commit 20de9b4f09

Discussed in #697
2016-03-06 16:22:49 +01:00
Jay Satiro
186546f1c5 TFTP: add option to suppress TFTP option requests (Part 2)
- Add tests.

- Add an example to CURLOPT_TFTP_NO_OPTIONS.3.

- Add --tftp-no-options to expose CURLOPT_TFTP_NO_OPTIONS.

Bug: https://github.com/curl/curl/issues/481
2016-02-23 03:01:07 -05:00
Dan Fandrich
e50674ad28 Enabled test 1437 after the bug fix in commit 3fa220a6 2016-02-20 11:34:15 +01:00
Dan Fandrich
fe37695aa9 Added test 1437 to verify a memory leak
Reported-by: neex@users.noreply.github.com
2016-02-19 10:45:09 +01:00
Dan Fandrich
0443187611 test1604: Add to Makefile.inc so it gets run 2016-02-13 22:49:45 +01:00
Daniel Stenberg
18c735e790 cookies: allow spaces in cookie names, cut of trailing spaces
It turns out Firefox and Chrome both allow spaces in cookie names and
there are sites out there using that.

Turned out the code meant to strip off trailing space from cookie names
didn't work. Fixed now.

Test case 8 modified to verify both these changes.

Closes #639
2016-02-08 15:49:54 +01:00
Daniel Stenberg
113f04e664 Proxy-Connection: stop sending this header by default
RFC 7230 says we should stop. Firefox already stopped.

Bug: https://github.com/curl/curl/issues/633
Reported-By: Brad Fitzpatrick

Closes #633
2016-02-08 11:09:40 +01:00
Jay Satiro
4520534e6d tool_doswin: Improve sanitization processing
- Add unit test 1604 to test the sanitize_file_name function.

- Use -DCURL_STATICLIB when building libcurltool for unit testing.

- Better detection of reserved DOS device names.

- New flags to modify sanitize behavior:

SANITIZE_ALLOW_COLONS: Allow colons
SANITIZE_ALLOW_PATH: Allow path separators and colons
SANITIZE_ALLOW_RESERVED: Allow reserved device names
SANITIZE_ALLOW_TRUNCATE: Allow truncating a long filename

- Restore sanitization of banned characters from user-specified outfile.

Prior to this commit sanitization of a user-specified outfile was
temporarily disabled in 2b6dadc because there was no way to allow path
separators and colons through while replacing other banned characters.
Now in such a case we call the sanitize function with
SANITIZE_ALLOW_PATH which allows path separators and colons to pass
through.


Closes https://github.com/curl/curl/issues/624
Reported-by: Octavio Schroeder
2016-02-05 01:44:27 -05:00
Viktor Szakats
20dcd19501 URLs: follow GitHub project rename (also Travis CI)
Closes #632
2016-02-04 23:01:38 +01:00
Daniel Stenberg
4af40b3646 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
Jay Satiro
d566371130 tests: Add a test for pinnedpubkey fail even when insecure
Because disabling the peer verification (--insecure) must not disable
the public key pinning check (--pinnedpubkey).
2016-01-18 03:10:10 -05:00
Mohammad AlSaleh
3d209b5fb0 lib: Prefix URLs with lower-case protocol names/schemes
Before this patch, if a URL does not start with the protocol
name/scheme, effective URLs would be prefixed with upper-case protocol
names/schemes. This behavior might not be expected by library users or
end users.

For example, if `CURLOPT_DEFAULT_PROTOCOL` is set to "https". And the
URL is "hostname/path". The effective URL would be
"HTTPS://hostname/path" instead of "https://hostname/path".

After this patch, effective URLs would be prefixed with a lower-case
protocol name/scheme.

Closes #597

Signed-off-by: Mohammad AlSaleh <CE.Mohammad.AlSaleh@gmail.com>
2016-01-11 23:38:42 +01:00
Michael Kaufmann
d9b4d1ce20 connection reuse: IDN host names fixed
Use the ACE form of IDN hostnames as key in the connection cache.  Add
new tests.

Closes #592
2016-01-08 00:19:46 +01:00
Daniel Stenberg
336e8feec4 tests: mark IPv6 FTP and FTPS tests with the FTP keyword 2016-01-07 14:30:55 +01:00
Marc Hoersken
2aec4359db test 1515: add data check 2015-12-26 17:25:59 +01:00
Marc Hoersken
38b055446a test 1515: add MSYS support by passing a relative path
MSYS would otherwise turn a /-style path into a C:\-style path.
2015-12-26 17:25:42 +01:00
Marc Hoersken
4ca246c3a8 test 539: use datacheck mode text for ASCII-mode LISTings
While still using datacheck mode binary for the inline reply data.
2015-12-26 11:01:47 +01:00
Marc Hoersken
8fb8e16ea4 tests 1048 and 1050: use datacheck mode text for ASCII-mode LISTings 2015-12-24 14:56:47 +01:00
Marc Hoersken
2eb933e8aa tests 706 and 707: use datacheck mode text for ASCII-mode LISTings 2015-12-24 14:48:36 +01:00
Marc Hoersken
08554dff65 tests 400,403,406: use datacheck mode text for ASCII-mode LISTings 2015-12-24 14:22:26 +01:00
Marc Hoersken
fcabed6cd8 test 16: fix on Linux (and Windows) by using plain ASCII characters
Follow up on b064ff0c35, thanks Daniel.
2015-12-23 13:35:36 +01:00
Marc Hoersken
328771981a tests 252-255: use datacheck mode text for ASCII-mode LISTings 2015-12-23 12:49:40 +01:00
Marc Hoersken
b064ff0c35 test 16: fix on Windows by converting data file from ANSI to UTF-8 2015-12-23 12:41:52 +01:00
Marc Hoersken
5e0e81a9c4 test 1326: fix file check since curl is outputting binary data 2015-12-17 16:04:33 +01:00
Marc Hoersken
9e093f0e74 test 1326: fix getting stuck on Windows due to incomplete request
The request needs to be read and send in binary mode in order to use
CRLF instead of LF. Adding --upload-file - causes curl to read stdin
in binary mode.
2015-12-17 15:14:36 +01:00
Daniel Stenberg
536f5f442e curl: use 2TLS by default
Make this the default for the curl tool (if built with HTTP/2 powers
enabled) unless a specific HTTP version is requested on the command
line.

This should allow more users to get HTTP/2 powers without having to
change anything.
2015-12-13 09:26:43 +01:00
Steve Holme
a62000ecc9 tests: Corrected copy and pasted comments from commit e643c5c908 2015-12-03 23:31:24 +00:00
Steve Holme
5eba895b4c test947: Corrected typo in test name 2015-12-02 23:45:29 +00:00
Steve Holme
e643c5c908 tests: Disable the OAUTHBEARER tests when using a non-default port number
Tests 842, 843, 844, 845, 887, 888, 889, 890, 946, 947, 948 and 949 fail
if a custom port number is specified via the -b option of runtests.pl.

Suggested by: Kamil Dudka
Bug: http://curl.haxx.se/mail/lib-2015-12/0003.html
2015-12-02 23:10:02 +00:00
Daniel Stenberg
facf2925c7 test1513: make sure the callback is only called once 2015-11-24 23:33:37 +01:00
Steve Holme
f024ece8c7 Makefile.inc: Fixed test run error
test845 not present in tests/data/Makefile.inc
2015-11-21 00:04:57 +00:00
Steve Holme
bbb34b6f15 tests: Re-enabled tests 889 and 890 following POP3 fix 2015-11-20 07:04:19 +00:00
Steve Holme
3c4065f402 tests: Disabled 889 and 890 until we support POP3 continuation responses
As POP3 final and continuation responses both begin with a + character,
and both the finalcode and contcode variables in SASLprotoc are set as
such, we cannot tell the difference between them when we are expecting
an optional continuation from the server such as the following:

+ something else from the server
+OK final response

Disabled these tests until such a time we can tell the responses apart.
2015-11-15 20:14:46 +00:00
Steve Holme
d0ddfe2216 tests: Corrected typos from commit ba4d8f7eba 2015-11-15 20:11:55 +00:00
Steve Holme
ca770d87e2 tests: Added OAUTHBEARER failure response tests 2015-11-15 20:11:54 +00:00
Steve Holme
808a17ee67 tests: Renamed existing OAuth 2.0 (XOAUTH) tests 2015-11-14 11:19:57 +00:00
Steve Holme
ba4d8f7eba tests: Added OAuth 2.0 (OAUTHBEARER) tests 2015-11-14 11:16:04 +00:00
dfandrich
d7e352402c unit1603: Added unit tests for hash functions 2015-11-12 22:49:32 +01:00
Justin Ehlert
23b8fc15c8 imap: Don't check for continuation when executing a CUSTOMREQUEST
Bug: https://github.com/bagder/curl/issues/486
Closes https://github.com/bagder/curl/pull/487
2015-11-08 12:12:33 +00:00
Daniel Stenberg
60c86297bf tftp tests: verify sent options too
The tftpd test server now logs all received options and thus all TFTP
test cases need to match them exactly.

Extended test 283 to use and verify --tftp-blksize.
2015-11-06 10:55:30 +01:00
Daniel Stenberg
3f7b1bb89f http redirects: %-encode bytes outside of ascii range
Apparently there are sites out there that do redirects to URLs they
provide in plain UTF-8 or similar. Browsers and wget %-encode such
headers when doing a subsequent request. Now libcurl does too.

Added test 1138 to verify.

Closes #473
2015-11-02 12:48:03 +01:00
Daniel Stenberg
ca5f9341ef formadd: support >2GB files on windows
Closes #425
2015-11-02 08:41:46 +01:00
Daniel Stenberg
eefd5a95af test1137: verify --ignore-content-length for FTP 2015-10-23 15:24:56 +02:00
Daniel Stenberg
cb922d47d6 teste1136: only run when PSL is enabled 2015-10-18 23:20:08 +02:00
Tim Rühsen
e77b5b7453 cookies: Add support for Mozilla's Publix Suffix List
Use libpsl to check the domain value of Set-Cookie headers (and cookie
jar entries) for not being a Publix Suffix.

The configure script checks for "libpsl" by default. Disable the check
with --without-libpsl.

Ref: https://publicsuffix.org/
Ref: https://github.com/publicsuffix/list
Ref: https://github.com/rockdaboot/libpsl
2015-10-17 16:37:49 +02:00
Daniel Stenberg
0110cced2a tests: disable 1510 due to CI-problems on github 2015-09-23 13:53:38 +02:00
Daniel Stenberg
37af1766e9 tests: disable 1801 until fixed
It is unreliable and causes CI problems on github

Closes #380
2015-09-20 13:12:44 +02:00
Nathaniel Waisbrot
9756d1da76 CURLOPT_DEFAULT_PROTOCOL: added
- Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default
protocol for schemeless URLs.

- Add new tool option --proto-default to expose
CURLOPT_DEFAULT_PROTOCOL.

In the case of schemeless URLs libcurl will behave in this way:

When the option is used libcurl will use the supplied default.

When the option is not used, libcurl will follow its usual plan of
guessing from the hostname and falling back to 'http'.
2015-08-22 21:57:14 -04:00