f317b75c | 08-Jun-2022 |
Daniel Stenberg |
runtests: fix skipping tests not done event-based ... and call timestampskippedevents() to avoid the flood of uninitialized variable warnings. Closes #8977 |
07058f6a | 07-Jun-2022 |
Daniel Stenberg |
transfer: maintain --path-as-is after redirects Reported-by: Marcus T Fixes #8974 Closes #8975 |
5394cbf5 | 07-Jun-2022 |
Daniel Stenberg |
test391: verify --path-as-is with redirect |
ae8a329e | 08-Jun-2022 |
Jay Satiro |
curl_global_init.3: Separate the Windows loader lock warning This is a slight correction of the parent commit which implied the loader lock warning only applied if not thread-safe. In fa
curl_global_init.3: Separate the Windows loader lock warning This is a slight correction of the parent commit which implied the loader lock warning only applied if not thread-safe. In fact the loader lock warning applies either way. Ref: https://github.com/curl/curl/pull/8972#discussion_r891987030
show more ...
|
ba475668 | 07-Jun-2022 |
Daniel Stenberg |
curl_global_init.3: this is now (usually) thread-safe Follow-up to 23af112f5556 Closes #8972 |
23408f1f | 06-Jun-2022 |
Haxatron <76475453+Haxatron@users.noreply.github.com> |
libcurl-security.3: Document CRLF header injection - Document that user input to header options is not sanitized, which could result in CRLF used to modify the request in a way other t
libcurl-security.3: Document CRLF header injection - Document that user input to header options is not sanitized, which could result in CRLF used to modify the request in a way other than what was intended. Ref: https://hackerone.com/reports/1589877 Ref: https://medium.com/@tomnomnom/crlf-injection-into-phps-curl-options-e2e0d7cfe545 Closes https://github.com/curl/curl/pull/8964
show more ...
|
c11380d2 | 07-Jun-2022 |
Jay Satiro |
CURLOPT_RANGE.3: remove ranged upload advice The e-mail link in the advice contains instructions that are prone to error. We need an example that works and can demonstrate how to properl
CURLOPT_RANGE.3: remove ranged upload advice The e-mail link in the advice contains instructions that are prone to error. We need an example that works and can demonstrate how to properly perform a ranged upload, and then we can refer to that example instead. Bug: https://github.com/curl/curl/issues/8969 Reported-by: Simon Berger Closes https://github.com/curl/curl/pull/8970
show more ...
|
2ed10125 | 05-Apr-2022 |
Thomas Guillem |
curl_version_info: add CURL_VERSION_THREADSAFE_INIT This flag can be used to make sure that curl_global_init() is thread-safe. This can be useful for libraries that can't contro
curl_version_info: add CURL_VERSION_THREADSAFE_INIT This flag can be used to make sure that curl_global_init() is thread-safe. This can be useful for libraries that can't control what other dependencies are doing with Curl. Closes #8680
show more ...
|
23af112f | 05-Apr-2022 |
Thomas Guillem |
lib: make curl_global_init() threadsafe when possible Use a posix pthread or a Windows SRWLOCK to lock curl_global_init*() and curl_global_cleanup(). Closes #8680 |
134963a5 | 06-Jun-2022 |
Daniel Stenberg |
RELEASE-NOTES: synced |
77ad7593 | 21-May-2022 |
Fabian Keil |
test414: add the '--resolve' keyword ... so the test can be automatically skipped when using an external proxy like Privoxy. Closes #8959 |
d313db70 | 13-Dec-2021 |
Fabian Keil |
test{440,441,493,977}: add "HTTP proxy" keywords ... so the tests can be automatically skipped when using an external proxy like Privoxy. Closes #8959 |
Revision tags: curl-7_76_1 |
|
3561e4ed | 31-Mar-2021 |
Fabian Keil |
runtests.pl: add the --repeat parameter to the --help output Closes #8959 |
Revision tags: curl-7_76_0 |
|
1d288d46 | 30-Mar-2021 |
Fabian Keil |
test 2081: add a valid reply for the second request ... so the test works when using a HTTP proxy like Privoxy that sends an error message if the server doesn't send data. C
test 2081: add a valid reply for the second request ... so the test works when using a HTTP proxy like Privoxy that sends an error message if the server doesn't send data. Closes #8959
show more ...
|
9dfa1dcf | 22-Feb-2021 |
Fabian Keil |
test 675: add missing CR so the test passes when run through Privoxy Closes #8959 |
6754f993 | 05-Jun-2022 |
Daniel Stenberg |
ftp: when failing to do a secure GSSAPI login, fail hard ... instead of switching to cleartext. For the sake of security. Reported-by: Harry Sintonen Bug: https://hackerone.com/
ftp: when failing to do a secure GSSAPI login, fail hard ... instead of switching to cleartext. For the sake of security. Reported-by: Harry Sintonen Bug: https://hackerone.com/reports/1590102 Closes #8963
show more ...
|
21ea13cf | 05-Jun-2022 |
Daniel Stenberg |
http2: reject overly many push-promise headers Getting more than a thousand of them is rather a sign of some kind of attack. Reported-by: Harry Sintonen Bug: https://hackero
http2: reject overly many push-promise headers Getting more than a thousand of them is rather a sign of some kind of attack. Reported-by: Harry Sintonen Bug: https://hackerone.com/reports/1589847 Closes #8962
show more ...
|
9dbce9b3 | 27-Mar-2021 |
Fabian Keil |
misc: spelling improvements Closes #8956 |
298c1dfc | 05-Jun-2022 |
Tatsuhiro Tsujikawa |
ngtcp2: fix assertion failure on EMSGSIZE Closes #8958 |
2bd75e56 | 02-Jun-2022 |
Daniel Stenberg |
easy/transfer: fix cookie-disabled build Follow-up from 45de940cebf6a Reported-by: Marcel Raad Fixes #8953 Closes #8954 |
07a9b89f | 02-Jun-2022 |
Daniel Stenberg |
examples/crawler.c: use the curl license With permission from Jeroen Ooms URL: https://github.com/curl/curl/pull/8869#issuecomment-1144742731 Closes #8950 |
cce50bd3 | 02-Jun-2022 |
Daniel Stenberg |
speed-limit/time.d: mention these affect transfers in either direction Reported-by: Ladar Levison Fixes #8948 Closes #8951 |
e517b632 | 02-Jun-2022 |
Daniel Stenberg |
scripts/copyright.pl: fix the exclusion to not ignore man pages Ref: #8869 Closes #8952 |
df829a1f | 02-Jun-2022 |
Daniel Stenberg |
examples: remove fopen.c and rtsp.c To simplify the license situation, as they were the only files in the source tree using these specific BSD-3 clause licenses. For an fopen st
examples: remove fopen.c and rtsp.c To simplify the license situation, as they were the only files in the source tree using these specific BSD-3 clause licenses. For an fopen style API, we recommend instead going https://github.com/curl/fcurl Ref: #8869 Closes #8949
show more ...
|
4d4eb8e5 | 02-Jun-2022 |
Wolf Vollprecht |
netrc: check %USERPROFILE% as well on Windows Closes #8855 |