An implementation of the discussion #17817, adding a "notification" feature to the multi handle.
Notification types INFO_READ and EASY_DONE implemented
Notification types expected to gro...
Default handshake timeout is hardcoded (10 seconds) and doesn't respect --connect-timeout parameter. In some cases 10 seconds can be not enough or too long to "establish a connection"...
Hello curl community, I'd like to discuss the possibility of adding openHiTLS as a new cryptographic backend for curl. About openHiTLS openHiTLS is an open-source cryptographic library that provide...
curl added support for OpenSSL immediately when it was first released, as they switched away from SSLeay, in the late 1990s. We have since supported it over the decades as both OpenSSL and curl have developed.
The curl project is happy to introduce official and blessed curl builds for Windows for download on the curl web site. This means we have a set of recommended curl packages that we advice users on Windows to download.
Inspired by the BBC Tech report from @tdp_org, I looked at Wikipedia.
Yesterday, Wikipedia received over 45 million requests made with curl, from 113 distinct curl releases.
Of these, 32 million use the default UA (e.g. curl CLI). The other 13 million embed libcurl with a longer UA string containing curl (e.g. GuzzleHttp/PHP, PycURL, UnityPlayer)
Github interprets ../docs/CONTRIBUTE.md correctly when clicked from https://github.com/curl/curl/blob/master/.github/CONTRIBUTING.md, but does not if clicked on the repo landing page on https://git...
I have an open meeting setup this morning. Open for everyone. If you have any question, comment, thought about #curl or related subjects, or just want to hang out for a while. Join here:
You probably know about threads and most likely header of pthreads, but have you ever used pthread_cancel()? Well, I had not before last week and it was a little bit of a journey.
Try our PHP Profiler: https://tideways.com/profiler/features?utm_source=yt&utm_campaign=yt-curl-shareSubscribe to my newsletter for PHP performance content: ...
Pretend that a ping pong ball represents a single curl installation somewhere in the world. Here's a picture of one to help you get an image in your head.
### Summary
A malicious WebSocket server can send a fragmented message (FIN=0) followed by a flood of continuation frames, causing the client (curl) to continuously allocate memory while waiting...
sftp_download_stat, sftp_upload_init, sftp_quote_stat, sftp_readdir will translate LIBSSH2_ERROR_EAGAIN to CURLE_OK and set *block to TRUE, but outer loop do not check *block, result in busy loop
## Summary
A **Use-After-Free (UAF)** vulnerability was discovered in `curl` at **`curl_trc.c:195`**.
When processing specially crafted input, the code accesses memory after it has already been...
The first release candidate for the pending #curl 8.16.0 release is up and if you have a chance, do try it out and report any and all issues you experience:
If the cookie returned by the server is expired, curl_easy_getinfo(curl, CURLINFO_COOKIELIST, &cookies) will still retrieve one expired cookie(Only the last one).
Below is the test code:
server...
1.) Both support tons of different inputs 2.) both are used in hundreds of different products, closed and open source. 3.) Both can be used from to CLI 4.) Both have a ton of CLI parameters.
I would say #ffmpeg has even more parameters you need to know by heart then #curl 🤣
My Midnight Battle with a curl Command
A story of PowerShell, a annoying bug, and what stood between me and a dream internship in Japan.
Obviously every problem has its own background story,
It was …
The #curl sticker right in the middle of the #frameworkcomputer logo fits so well I initially didn't even realize its existence and the fact that no other comment that I can currently see mentions it I'm probably not the only one😁
