If you've seen in the PR for #ECH in #curl and been curious what it is? github.com/curl/curl/pull/1192…
The browsers go all-in on it. Now #Firefox:
blog.mozilla.org/en/products/f…
As web users, what we say and do online is subject to pervasive surveillance. Although we typically associate online tracking with ad networks and other thSarah Vasquez (The Mozilla Blog)
ftpserver.pl correctly cleans up spawned server processes, but forgets to wait for the shell used to spawn them. This is barely noticeable during a normal testrun, but causes process exhaustion and...GitHub
We are cutting the release cycle short and will release curl 8.4.0 on October 11, including fixes for a severity HIGH CVE and one severity LOW. The one rated HIGH is probably the worst curl securit...GitHub
We ask Daniel Stenberg about the evolution of the Internet, the origins of curl, the open-source movement, his thoughts on Web3, and more...Bill Doerrfeld (Nordic APIs)
Today might be a good day to remind everyone that I can work on #curl full-time thanks to customers paying for support.
Today in my #inbox: someone emailed me the full #curl license text. With nothing extra. Just the exact text also found here: github.com/curl/curl/blob/mast…
Thank you!
The slides = https://www.slideshare.net/DanielStenberg7/mastering-the-curl-command-linepdf0:00 Mastering the curl command line0:16 Daniel Stenberg0:36 curl s...YouTube
The Internet Bug Bounty is the organization that funds all #curl bounties.
hackerone.com/internet-bug-bou…
The Internet Bug Bounty is a program for core net infrastructure & open source software. We reward hackers who uncover security vulnerabilities. Learn more!HackerOne
I talk about curl, open source, networking and stuff like that from my view and angle from my home in Stockholm, Sweden. I'm the lead developer of curl. I'm occasionally live-streaming curl development on twitch: https://www.twitch.YouTube
I ran a docker image to install RUN mkdir github-action-runner && cd github-action-runner && curl -O -L https://github.com/actions/runner/releases/download/v2.305.0/actions-runner-linux-x64-2.305.0...GitHub
Resolves curl-www #270GitHub
I'm Daniel Stenberg, maintainer and lead developer in the curl project. I stream curl related stuff. Release presentations, curl development and related topics.Twitch
Say hi to #curl 8.2.0 => daniel.haxx.se/blog/2023/07/19…
5 changes. 122 bugfixes. One security fix: CVE-2023-32001
Right now, when building curl with a wolfssl build that has TLS 1.2 disabled, the build fails with curl trying to find the TLSv1_2_client_method symbol. This PR adds a compile-time check to see if ...GitHub
I plan to do the definite "learning #curl the command line tool" video class on August 31: gist.github.com/bagder/253a236…
The agenda is still work in progress. I hope there's nothing obvious missing there?
Master curl in two hours. A video course by Daniel - curl-in-two-hours-agenda.mdGist
See nghttp2/nghttp2#1930 for changes.GitHub
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS…GitHub
I'm looking for someone who wants to implement this callback for #curl #websocket support: github.com/curl/curl/issues/11…
It might be the last missing feature before we can enable it (the websocket API) by default.
I did this I started with the websocket-cb example and connected to an echo websocket server for testing. I expected the following I expected the data callback to be called once the connection is e...GitHub
if EOF happens, socket is readable, SSLHandshake calls bio_cf_in_read; which interprets nread == 0 as errSSLWouldBlock, which leads to busy loop until timeout occurs or possibly write fails. I have...GitHub
"Alert: if you look up curl CVEs in public sources like NVD you will find they use inflated severity levels and CVSS scores. They think they know better and override our assessments. This is a systemic error that we unfortunately cannot fix. Feel free to complain to them - we keep doing it to no use - and consider using our material as the canonical sources for curl issues. "
Quote from curl.se/docs/security.html #curl
This PR is based on the conversation here. When sending an HTTP/2 POST request, curl will always defer request body to a different TLS record (if SSL/TLS is enabled) and TCP packet. This problem is...GitHub
Updated example as suggested by @bohwaz in #10300 So this fixes #10300GitHub
Remove unneeded macro parameter to match function and avoid compiler warningGitHub
If you are looking for a basic first thing to implement for #curl, maybe this could be it?
"Allow --write-out output to be written to a file" ?
github.com/curl/curl/discussio…
I would find it useful to have a way to cause the --write-out output of the curl tool to be written to a file instead of stdout or stderr which may both be in use for other purposes. One way to ach...GitHub
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS…GitHub
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS…GitHub
For some reason the CMake project was set to QUIET for Brotli instead of REQUIRED. This makes builds unexpectedly ignore missing Brotli even when CURL_BROTLI is enabled.GitHub
Use regular variables and separate file open modes from filenames. Suggested by perlcritic Copied from curl/trurl@f2784a9240f47ee28a845 /cc @pabs3GitHub
Number of announced security vulnerabilities in #curl per year, separated into high/critical vs low/medium.
These are real severity levels, not the NVD spicy versions.
This PR fixes compiler warning (gcc 8.3 with flag -Wunused-variable) "unused variable ‘ctx’". The variable is used only if HAVE_GETPEERNAME is defined, but variable defined before directive.GitHub
