[bug #56909] wget Authorization header leak via 3xx redirects

bug-wget

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #56909] wget Authorization header leak via 3xx redirects

From:	Paul Wise
Subject:	[bug #56909] wget Authorization header leak via 3xx redirects
Date:	Sat, 5 Mar 2022 01:57:49 -0500 (EST)

Follow-up Comment #10, bug #56909 (project wget):

Looking at the curl patch, it seems that it restricts all Authorization
headers, even manually added ones, unless the option is set. That seems like
the right way to go to me.

https://github.com/curl/curl/commit/af32cd3859336ab.patch

    _______________________________________________________

Reply to this item at:

  <https://savannah.gnu.org/bugs/?56909>

_______________________________________________
  Message sent via Savannah
  https://savannah.gnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[bug #56909] wget Authorization header leak via 3xx redirects, Paul Wise <=

Prev by Date: [bug #62137] wget segfaults when using openssl and a FTPS server in TLS 1.3
Next by Date: Re bugs on setup
Previous by thread: [bug #62137] wget segfaults when using openssl and a FTPS server in TLS 1.3
Next by thread: Re bugs on setup
Index(es):
- Date
- Thread