## Standard
-[RFC 7838](https://tools.ietf.org/html/rfc7838)
+[RFC 7838](https://datatracker.ietf.org/doc/html/rfc7838)
# Alt-Svc cache file format
## Standard
-[HTTP Strict Transport Security](https://tools.ietf.org/html/rfc6797)
+[HTTP Strict Transport Security](https://datatracker.ietf.org/doc/html/rfc6797)
## Behavior
In 2011, [RFC6265](https://www.ietf.org/rfc/rfc6265.txt) was finally
published and details how cookies work within HTTP. In 2016, an update which
added support for prefixes was
- [proposed](https://tools.ietf.org/html/draft-ietf-httpbis-cookie-prefixes-00),
+ [proposed](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-prefixes-00),
and in 2017, another update was
- [drafted](https://tools.ietf.org/html/draft-ietf-httpbis-cookie-alone-01)
+ [drafted](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-cookie-alone-01)
to deprecate modification of 'secure' cookies from non-secure origins. Both
of these drafts have been incorporated into a proposal to
- [replace](https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02)
+ [replace](https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis-02)
RFC6265. Cookie prefixes and secure cookie modification protection has been
implemented by curl.
may introduce a way to bring such clues to the application and/or let a
subsequent request use the alternate route automatically.
-[Detailed in RFC 7838](https://tools.ietf.org/html/rfc7838)
+[Detailed in RFC 7838](https://datatracker.ietf.org/doc/html/rfc7838)
[1]: https://curl.se/libcurl/c/curl_easy_setopt.html
[2]: https://curl.se/libcurl/c/curl_easy_init.html
[3]: https://c-ares.org/
-[4]: https://tools.ietf.org/html/rfc7230 "RFC 7230"
+[4]: https://datatracker.ietf.org/doc/html/rfc7230 "RFC 7230"
[5]: https://curl.se/libcurl/c/CURLOPT_ACCEPT_ENCODING.html
[6]: https://curl.se/docs/manpage.html#--compressed
[7]: https://curl.se/libcurl/c/curl_multi_socket_action.html
[12]: https://curl.se/libcurl/c/curl_multi_fdset.html
[13]: https://curl.se/libcurl/c/curl_multi_add_handle.html
[14]: https://curl.se/libcurl/c/curl_multi_info_read.html
-[15]: https://tools.ietf.org/html/rfc7231#section-3.1.2.2
+[15]: https://datatracker.ietf.org/doc/html/rfc7231#section-3.1.2.2
something beyond ascii but currently libcurl will only pass in the verbatim
string the app provides. There are several browsers that already do this
encoding. The key seems to be the updated draft to RFC2231:
- https://tools.ietf.org/html/draft-reschke-rfc2231-in-http-02
+ https://datatracker.ietf.org/doc/html/draft-reschke-rfc2231-in-http-02
1.5 Expect-100 meets 417
Curl sends DNS requests for hostnames with a .onion TLD. This leaks
information about what the user is attempting to access, and violates this
- requirement of RFC7686: https://tools.ietf.org/html/rfc7686
+ requirement of RFC7686: https://datatracker.ietf.org/doc/html/rfc7686
Issue: https://github.com/curl/curl/issues/543
As a DNS version of alt-svc and also a pre-requisite for ECH (see below).
-See: https://tools.ietf.org/html/draft-ietf-dnsop-svcb-https-02
+See: https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-svcb-https-02
## ECH (Encrypted Client Hello - formerly known as ESNI)
References:
- https://tools.ietf.org/html/draft-popov-tls-prohibiting-rc4-01
+ https://datatracker.ietf.org/doc/html/draft-popov-tls-prohibiting-rc4-01
## Allow BEAST
https://bugzilla.mozilla.org/show_bug.cgi?id=1220810
- https://tools.ietf.org/html/draft-ietf-dnsop-let-localhost-be-localhost-02
+ https://datatracker.ietf.org/doc/html/draft-ietf-dnsop-let-localhost-be-localhost-02
1.28 FD_CLOEXEC
HOST is a command for a client to tell which host name to use, to offer FTP
servers named-based virtual hosting:
- https://tools.ietf.org/html/rfc7151
+ https://datatracker.ietf.org/doc/html/rfc7151
4.2 Alter passive/active on failure and retry
that previously (in older TLS version) were not set. The clienthello
extension adds padding to avoid that size range.
- https://tools.ietf.org/html/rfc7685
+ https://datatracker.ietf.org/doc/html/rfc7685
https://github.com/curl/curl/issues/2299
14. GnuTLS
The official "URL syntax" is primarily defined in these two different
specifications:
- - [RFC 3986](https://tools.ietf.org/html/rfc3986) (although URL is called
+ - [RFC 3986](https://datatracker.ietf.org/doc/html/rfc3986) (although URL is called
"URI" in there)
- [The WHATWG URL Specification](https://url.spec.whatwg.org/)
ldap://ldap.example.com/?rootDomainNamingContext
For more information about the individual components of a LDAP URL please
-see [RFC 4516](https://tools.ietf.org/html/rfc4516).
+see [RFC 4516](https://datatracker.ietf.org/doc/html/rfc4516).
## POP3
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2019 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2019 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
***************************************************************************/
/*
* The Alt-Svc: header is defined in RFC 7838:
- * https://tools.ietf.org/html/rfc7838
+ * https://datatracker.ietf.org/doc/html/rfc7838
*/
#include "curl_setup.h"
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
/*
* "Remove Dot Segments"
- * https://tools.ietf.org/html/rfc3986#section-5.2.4
+ * https://datatracker.ietf.org/doc/html/rfc3986#section-5.2.4
*/
/*
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
/* Portable character check (remember EBCDIC). Do not use isalnum() because
its behavior is altered by the current locale.
- See https://tools.ietf.org/html/rfc3986#section-2.3
+ See https://datatracker.ietf.org/doc/html/rfc3986#section-2.3
*/
bool Curl_isunreserved(unsigned char in)
{
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* "foo.host.com" matches "*.host.com".
*
* We use the matching rule described in RFC6125, section 6.4.3.
- * https://tools.ietf.org/html/rfc6125#section-6.4.3
+ * https://datatracker.ietf.org/doc/html/rfc6125#section-6.4.3
*
* In addition: ignore trailing dots in the host names and wildcards, so that
* the names are used normalized. This is what the browsers do.
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2020 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2020 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
***************************************************************************/
/*
* The Strict-Transport-Security header is defined in RFC 6797:
- * https://tools.ietf.org/html/rfc6797
+ * https://datatracker.ietf.org/doc/html/rfc6797
*/
#include "curl_setup.h"
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
if(conn->handler->protocol & PROTO_FAMILY_HTTP) {
/*
- * https://tools.ietf.org/html/rfc7230#section-3.1.2
+ * https://datatracker.ietf.org/doc/html/rfc7230#section-3.1.2
*
* The response code is always a three-digit number in HTTP as the spec
* says. We allow any three-digit number here, but we cannot make
/* the user information is case-sensitive
or at least it is not defined as case-insensitive
- see https://tools.ietf.org/html/rfc3986#section-3.2.1 */
+ see https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.1 */
if(!data->user != !needle->user)
return FALSE;
/* curl_strequal does a case insentive comparison, so do not use it here! */
implementations is desired."
The "-no_ticket" option was introduced in OpenSSL 0.9.8j. It's a flag to
- disable "rfc4507bis session ticket support". rfc4507bis was later turned
- into the proper RFC5077 it seems: https://tools.ietf.org/html/rfc5077
+ disable "rfc4507bis session ticket support". rfc4507bis was later turned
+ into the proper RFC5077: https://datatracker.ietf.org/doc/html/rfc5077
The enabled extension concerns the session management. I wonder how often
libcurl stops a connection and then resumes a TLS session. Also, sending
/* Import certificates from the Windows root certificate store if requested.
https://stackoverflow.com/questions/9507184/
https://github.com/d3x0r/SACK/blob/master/src/netlib/ssl_layer.c#L1037
- https://tools.ietf.org/html/rfc5280 */
+ https://datatracker.ietf.org/doc/html/rfc5280 */
if((SSL_CONN_CONFIG(verifypeer) || SSL_CONN_CONFIG(verifyhost)) &&
(SSL_SET_OPTION(native_ca_store))) {
X509_STORE *store = SSL_CTX_get_cert_store(backend->ctx);
projects / thirdparty / curl.git / commitdiff
