From 2180d7b4bc126b1920eab139f9ca0b253e7c02f0 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 10 Dec 2025 09:19:32 +0100 Subject: [PATCH] CURLOPT_FOLLOWLOCATION.md: s/Authentication:/Authorization:/ Closes #19915 --- docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.md b/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.md index f3e3b99bd3..f67f85c6f2 100644 --- a/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.md +++ b/docs/libcurl/opts/CURLOPT_FOLLOWLOCATION.md @@ -63,7 +63,7 @@ or just lacks features, it is easy to instead implement your own redirect follow logic with the use of curl_easy_getinfo(3)'s CURLINFO_REDIRECT_URL(3) option instead of using CURLOPT_FOLLOWLOCATION(3). -By default, libcurl only sends `Authentication:` or explicitly set `Cookie:` +By default, libcurl only sends `Authorization:` or explicitly set `Cookie:` headers to the initial host given in the original URL, to avoid leaking username + password to other sites. CURLOPT_UNRESTRICTED_AUTH(3) is provided to change that behavior. -- 2.47.3