[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 137/173: TODO: consider file name from the redirect
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 137/173: TODO: consider file name from the redirected URL with -O ? |
Date: |
Fri, 24 Feb 2017 14:02:39 +0100 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to annotated tag gnurl-7.53.1
in repository gnurl.
commit c2127b448df1bfab99f3ea9b2bd2eaf0e68701e1
Author: Daniel Stenberg <address@hidden>
AuthorDate: Wed Feb 15 15:12:32 2017 +0100
TODO: consider file name from the redirected URL with -O ?
It isn't easily solved, but with some thinking someone could probably
come up with a working approach?
Closes #1241
---
docs/TODO | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/docs/TODO b/docs/TODO
index 20944b27a..06142f86c 100644
--- a/docs/TODO
+++ b/docs/TODO
@@ -151,6 +151,7 @@
18.14 --fail without --location should treat 3xx as a failure
18.15 --retry should resume
18.16 send only part of --data
+ 18.17 consider file name from the redirected URL with -O ?
19. Build
19.1 roffit
@@ -1026,6 +1027,25 @@ that doesn't exist on the server, just like
--ftp-create-dirs.
See https://github.com/curl/curl/issues/1200
+18.17 consider file name from the redirected URL with -O ?
+
+ When a user gives a URL and uses -O, and curl follows a redirect to a new
+ URL, the file name is not extracted and used from the newly redirected-to URL
+ even if the new URL may have a much more sensible file name.
+
+ This is clearly documented and helps for security since there's no surprise
+ to users which file name that might get overwritten. But maybe a new option
+ could allow for this or maybe -J should imply such a treatment as well as -J
+ already allows for the server to decide what file name to use so it already
+ provides the "may overwrite any file" risk.
+
+ This is extra tricky if the original URL has no file name part at all since
+ then the current code path will error out with an error message, and we can't
+ *know* already at that point if curl will be redirected to a URL that has a
+ file name...
+
+ See https://github.com/curl/curl/issues/1241
+
19. Build
19.1 roffit
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 92/173: telnet: fix windows compiler warnings, (continued)
- [GNUnet-SVN] [gnurl] 92/173: telnet: fix windows compiler warnings, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 84/173: vtls: fix mbedtls multi non blocking handshake., gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 104/173: cmake: Support curl --xattr when built with cmake, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 76/173: parseurl: move back buffer to function scope, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 77/173: usercertinmem.c: improve the short description, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 101/173: docs: we no longer ship HTML versions of man pages, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 96/173: polarssl: fix hangs, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 112/173: darwinssl: Avoid parsing certificates when not in verbose mode, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 95/173: cookies: do not assume a valid domain has a dot, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 66/173: TODO: Chunked transfer multipart formpost, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 137/173: TODO: consider file name from the redirected URL with -O ?,
gnunet <=
- [GNUnet-SVN] [gnurl] 107/173: use *.sourceforge.io and misc URL updates, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 70/173: docs: improved language in README.md HISTORY.md CONTRIBUTE.md, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 113/173: test552: Fix typos, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 131/173: configure: Allow disabling pthreads, fall back on Win32 threads, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 103/173: openssl: Don't use certificate after transferring ownership, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 141/173: proxy: fix hostname resolution and IDN conversion, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 40/173: sws: retry send() on EWOULDBLOCK, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 108/173: cmdline-opts: Fixed build and test in out of source tree builds, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 123/173: examples/multithread.c: link to our multi-thread docs, gnunet, 2017/02/24
- [GNUnet-SVN] [gnurl] 152/173: digest_sspi: Handle 'stale=TRUE' directive in HTTP digest, gnunet, 2017/02/24