From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 20 Jul 2023 21:28:19 +0000 (+0200)
Subject: transfer: do not clear the credentials on redirect to absolute URL
X-Git-Tag: curl-8_2_1~22
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=90bdd2533cd8846c197f29c4f435d816758c7539;p=thirdparty%2Fcurl.git

transfer: do not clear the credentials on redirect to absolute URL

Makes test 979 work. Regression shipped in 8.2.0 from commit
dd4d1a26959f63a2c

Fixes #11486
Reported-by: Cloudogu Siebels
Closes #11492
---

diff --git a/lib/transfer.c b/lib/transfer.c
index 52cd6a0153..b678004b95 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -1558,10 +1558,6 @@ CURLcode Curl_follow(struct Curl_easy *data,
     /* If this is not redirect due to a 401 or 407 response and an absolute
        URL: don't allow a custom port number */
     disallowport = TRUE;
-    if(!data->set.allow_auth_to_other_hosts) {
-      Curl_safefree(data->state.aptr.user);
-      Curl_safefree(data->state.aptr.passwd);
-    }
   }
 
   DEBUGASSERT(data->state.uh);