TODO: Prevent terminal injection when writing to terminal

author Daniel Stenberg <daniel@haxx.se>

Wed, 16 Dec 2020 22:38:20 +0000 (23:38 +0100)

committer Daniel Stenberg <daniel@haxx.se>

Wed, 16 Dec 2020 22:38:20 +0000 (23:38 +0100)
author Daniel Stenberg <daniel@haxx.se>
Wed, 16 Dec 2020 22:38:20 +0000 (23:38 +0100)
committer Daniel Stenberg <daniel@haxx.se>
Wed, 16 Dec 2020 22:38:20 +0000 (23:38 +0100)
diff --git a/docs/TODO b/docs/TODO

index 2b3117c0482d15df21cbdf9fa6c527e070da7d43..6a9f8cf62cabe6392480641c2b3f48cc45fb2674 100644 (file)
--- a/docs/TODO
+++ b/docs/TODO
@@ -163,6 +163,7 @@
   18.21 retry on the redirected-to URL
   18.23 Set the modification date on an uploaded file
   18.24 Use multiple parallel transfers for a single download
+ 18.25 Prevent terminal injection when writing to terminal
  
   19. Build
   19.1 roffit
@@ -1170,6 +1171,15 @@ that doesn't exist on the server, just like --ftp-create-dirs.
  
   See https://github.com/curl/curl/issues/5774
  
+18.25 Prevent terminal injection when writing to terminal
+
+ curl could offer an option to make escape sequence either non-functional or
+ avoid cursor moves or similar to reduce the risk of a user getting tricked by
+ clever tricks.
+
+ See https://github.com/curl/curl/issues/6150
+
+
  19. Build
  
  19.1 roffit
author	Daniel Stenberg <daniel@haxx.se>
	Wed, 16 Dec 2020 22:38:20 +0000 (23:38 +0100)
committer	Daniel Stenberg <daniel@haxx.se>
	Wed, 16 Dec 2020 22:38:20 +0000 (23:38 +0100)