I posted about adding pthread_cancel use in curl about three weeks ago, we released this in curl 8.16.0 and it blew up right in our faces. Now, with #18540 we are ripping it out again.
By appending :all:[separator] to the header name. The [separator] string is output between each header value if there are more than one to output.
Test 764 verifies
Idea-by: kapsiR on github
Ref: #...
WebSocket has been supported by curl as a non-experimental feature since version 8.11.0 (November 6 2024). With the upcoming release of version 8.16.0, we are taking it a step further.
In this newly disclosed #curl security report it is painfully obvious how the user's "clever" idea of using an AI to write the report made the report into a impenetrable wall of text instead of simply stating the problem in a few coherent paragraphs.
libcurl canonicalizes numeric IPv4 hostnames during URL parsing and redirect handling (example: 127.000.000.001 to 127.0.0.1). When a host-only cookie (no Domain= attribute) is set, it is stored in...
Having ongoing discussions about URL parsing differences as a basis for a #curl security vulnerability report made me check when I wrote my "my URL isn't your URL" blog post.
*Nine years ago*. And we have not made a single move towards a solution in all this time.
When I started the precursor to the curl project, httpget, back in 1996, I wrote my first URL parser. Back then, the universal address was still called URL: Uniform Resource Locators. That spec was published by the IETF in 1994.
If they do, that's a shame but there's not a lot I can do. Anyone who can verify this claim? (probably by scanning the binaries for known names or similar)
Hi, I just want to let you know (and have there be a record) of the fact that Digital Extremes, a Canadian video-game-developer-turned-GaaS-developer, are using cURL (statically linked alongside Op...
I noticed the typo in the --retry-max-time docs and decide to do a quick search for staring which lead to three more places where this typo made its way into the docs.
An implementation of the discussion #17817, adding a "notification" feature to the multi handle.
Notification types INFO_READ and EASY_DONE implemented
Notification types expected to gro...
Default handshake timeout is hardcoded (10 seconds) and doesn't respect --connect-timeout parameter. In some cases 10 seconds can be not enough or too long to "establish a connection"...
Hello curl community, I'd like to discuss the possibility of adding openHiTLS as a new cryptographic backend for curl. About openHiTLS openHiTLS is an open-source cryptographic library that provide...
curl added support for OpenSSL immediately when it was first released, as they switched away from SSLeay, in the late 1990s. We have since supported it over the decades as both OpenSSL and curl have developed.
The curl project is happy to introduce official and blessed curl builds for Windows for download on the curl web site. This means we have a set of recommended curl packages that we advice users on Windows to download.
Inspired by the BBC Tech report from @tdp_org, I looked at Wikipedia.
Yesterday, Wikipedia received over 45 million requests made with curl, from 113 distinct curl releases.
Of these, 32 million use the default UA (e.g. curl CLI). The other 13 million embed libcurl with a longer UA string containing curl (e.g. GuzzleHttp/PHP, PycURL, UnityPlayer)
Github interprets ../docs/CONTRIBUTE.md correctly when clicked from https://github.com/curl/curl/blob/master/.github/CONTRIBUTING.md, but does not if clicked on the repo landing page on https://git...
I have an open meeting setup this morning. Open for everyone. If you have any question, comment, thought about #curl or related subjects, or just want to hang out for a while. Join here:
You probably know about threads and most likely header of pthreads, but have you ever used pthread_cancel()? Well, I had not before last week and it was a little bit of a journey.
Try our PHP Profiler: https://tideways.com/profiler/features?utm_source=yt&utm_campaign=yt-curl-shareSubscribe to my newsletter for PHP performance content: ...
