On Mon, 17 Oct 2022, Timothe Litt via curl-library wrote:
If we're going forwward with this, the new behavior should be a new option.
It can be a new value for the current option,
I can tell you didn't look at the PR...
--
/ daniel.haxx.se
| Commercial curl support up to 24x7 is
On 17-Oct-22 16:57, Daniel Stenberg via curl-library wrote:
On Mon, 17 Oct 2022, Dmitry Karpov via curl-library wrote:
I'm all for adding an option to add the host-only behaviour as an
option, but not to make it the default.
Yes, I also think that this is the right way to do it.
I hear
On Mon, 17 Oct 2022, Dmitry Karpov via curl-library wrote:
I'm all for adding an option to add the host-only behaviour as an option,
but not to make it the default.
Yes, I also think that this is the right way to do it.
I hear you. Thanks all for the feedback.
If we're going forwward with
l-library On Behalf Of Dan
Fandrich via curl-library
Sent: Monday, October 17, 2022 10:17 AM
To: curl-library@lists.haxx.se
Cc: Dan Fandrich
Subject: [EXTERNAL] Re: On CURLOPT_AUTOREFERER privacy
On Mon, Oct 17, 2022 at 04:34:05PM +0200, Daniel Stenberg via curl-library
wrote:
> On Mon, 17 O
On Mon, Oct 17, 2022 at 04:34:05PM +0200, Daniel Stenberg via curl-library
wrote:
> On Mon, 17 Oct 2022, Timothe Litt via curl-library wrote:
>
> > > My initial PR for this work: https://github.com/curl/curl/pull/9750
> > >
> > Why change the default behavior?
>
> For improved privacy. Because
On Mon, 17 Oct 2022, Timothe Litt via curl-library wrote:
My initial PR for this work: https://github.com/curl/curl/pull/9750
Why change the default behavior?
For improved privacy. Because the browsers sort of do it like this.
--
/ daniel.haxx.se
| Commercial curl support up to 24x7 is
On 17-Oct-22 09:46, Daniel Stenberg via curl-library wrote:
Hello,
When setting the CURLOPT_AUTOREFERER option, libcurl automatically
sets the referer: header in following request (like when following
redirects) to the URL of the previous transfer.
This can be considered a minor privacy
Hello,
When setting the CURLOPT_AUTOREFERER option, libcurl automatically sets the
referer: header in following request (like when following redirects) to the
URL of the previous transfer.
This can be considered a minor privacy leak, especially when folllowing
requests cross-orgin and to an