Also make it clearer that the caveat 'if the file size is unknown it
the option will have no effect' may apply to protocols other than FTP
and HTTP.
Reported-by: Josh Soref
Fixes https://github.com/curl/curl/issues/7453
Since --cookie-jar is the preferred way to store cookies, no longer
suggest using --dump-header to do so.
Co-authored-by: Daniel Stenberg
Closes https://github.com/curl/curl/issues/7414
Write out directories rather than using the dirs abbrevation. Also
use plural form consistently, even if the code in the end might just
create a single directory.
Closes#7406
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
When using curl with the option `--etag-save` I expected it to save the
ETag without its surrounding quotes, as stated by the documentation in
the repository and by the generated man pages.
My first endeavour was to fix the program, but while investigating the
history of the relevant parts, I discovered that curl once saved the
ETag without the quotes. This was undone by Daniel Stenberg in commit
`98c94596f5928840177b6bd3c7b0f0dd03a431af`, therefore I decided that in
this case the documentation should be adjusted to match the behaviour of
curl.
The changed save behaviour also made parts of the `--etag-compare`
documentation wrong or superfluous, so I adjusted those accordingly.
Closes#7429
Wyatt OʼDay reported in #7385 that mbedTLS isn't backwards compatible
and curl no longer builds with it. Document the need to fix our support
until so has been done.
Closes#7390Fixes#7385
Reported-by: Wyatt OʼDay
Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
Only the OpenSSL backend actually use the EGDSOCKET, and also use
TLS consistently rather than mixing SSL and TLS. While there, also
fix a minor spelling nit.
Closes: #7391
Reviewed-by: Jay Satiro <raysatiro@yahoo.com>
The documentation for the read callback was erroneously referencing
the nitems argument by nmemb. The error was introduced in commit
ce0881edee.
Closes#7383
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
The API is soon two years old and deserves being shown as the primary
way to drive multi code as it makes it much easier to write code.
multi-poll: removed
multi-legacy: add to show how we did multi API use before
curl_multi_wait/poll.
Closes#7352
The same callback code is used in:
imap-append.c
smtp-authzid.c
smtp-mail.c
smtp-multi.c
smtp-ssl.c
smtp-tls.c
It should not assume that it can copy full lines into the buffer as it
will encourage sloppy coding practices. Instead use byte-wise logic and
check/acknowledge the buffer size appropriately.
Reported-by: Harry Sintonen
Fixes#7330Closes#7331
Follow-up to 6d972c8b1c which missed updating this directory name.
Also no longer call it crustls in the docs and bump to rusttls-ffi 0.7.1
Closes#7311
* luacurl page is now not accessible, fix it with wayback machine page
* Scheme one seems not providing https now, change it back to http one
Closes#7301
Unicode Windows builds use UTF-8 strings internally in libcurl,
so make sure to call the UTF-8 flavour of the libidn2 API. Also
document that Windows builds with libidn2 and UNICODE do expect
CURLOPT_URL as an UTF-8 string.
Reported-by: dEajL3kA on github
Assisted-by: Jay Satiro
Reviewed-by: Marcel Raad
Closes#7246Fixes#7228
They were never officially allowed and slipped in only due to sloppy
parsing. Spaces (ascii 32) should be correctly encoded (to %20) before
being part of a URL.
The new flag bit CURLU_ALLOW_SPACE when a full URL is set, makes libcurl
allow spaces.
Updated test 1560 to verify.
Closes#7073
- Document that HTTP/2 multiplexing is supported by the curl tool when
parallel transfers are used.
Supported since 7.66.0 via --parallel, but the doc wasn't updated.
Closes https://github.com/curl/curl/pull/7259
Warning: this will make existing curl command lines that use metalink to
stop working.
Reasons for removal:
1. We've found several security problems and issues involving the
metalink support in curl. The issues are not detailed here. When
working on those, it become apparent to the team that several of the
problems are due to the system design, metalink library API and what
the metalink RFC says. They are very hard to fix on the curl side
only.
2. The metalink usage with curl was only very briefly documented and was
not following the "normal" curl usage pattern in several ways, making
it surprising and non-intuitive which could lead to further security
issues.
3. The metalink library was last updated 6 years ago and wasn't so
active the years before that either. An unmaintained library means
there's a security problem waiting to happen. This is probably reason
enough.
4. Metalink requires an XML parsing library, which is complex code (even
the smaller alternatives) and to this day often gets security
updates.
5. Metalink is not a widely used curl feature. In the 2020 curl user
survey, only 1.4% of the responders said that they'd are using it. In
2021 that number was 1.2%. Searching the web also show very few
traces of it being used, even with other tools.
6. The torrent format and associated technology clearly won for
downloading large files from multiple sources in parallel.
Cloes #7176