romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-20 13:16:22 +03:00
Code Issues Projects Releases Packages Wiki Activity

VULN-DISCLOSURE-POLICY.md: test code is not secure

Browse source 
Don't tell us about it

Closes #21660
This commit is contained in:
Daniel Stenberg 2026-05-18 16:05:49 +02:00
parent 9107e8ba98
commit 64824e439d
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
1 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
docs/VULN-DISCLOSURE-POLICY.md
View file

@ -254,6 +254,14 @@ security problems.
The same applies to scripts and software which are not installed by default
through the make install rule.
## Test code
curl has an extensive test suite with lots of code written specifically to
exercise and verify curl, libcurl and specific internal functions. The test
code and its associated test servers are *not* intended for production use.
They are not secure, you should not assume otherwise and must not report about
security problems in those.
## URL inconsistencies
URL parser inconsistencies between browsers and curl are expected and are not