> > Still, even if the sanitization is removed: I think it would be better if > RESTORE_POST_DATA restores the previous value of opt.method, instead of > overwriting it with a hardcoded "POST". Isn't it? > > As double safety yes. Maybe we should do that.
> A related question: how is a redirect response to a PUT request handled? > How should it be handled? > I'd rather that Giuseppe or someone else answers this in more detail. I haven't tried it, but it looks like in that case the SUSPEND_POST_DATA > macro is called (by retrieve_url in retr.c). If that's true, then later on > the opt.method would be 'restored' to "POST" by RESTORE_POST_DATA. > > In case, we wish to use the SUSPEND_POST_DATA macro for other commands too, then we must make it store method in a backup string and retrieve it. In any case, I think storing and retrieving opt.method is probably a good, safe option that we must implement. > Regards, > > Gijs > > -- Thanking You, Darshit Shah Research Lead, Code Innovation Kill Code Phobia. B.E.(Hons.) Mechanical Engineering, '14. BITS-Pilani