romenskiy2012/curl

Fork 0

mirror of https://github.com/curl/curl.git synced 2026-06-14 12:35:38 +03:00

Commit graph

Author	SHA1	Message	Date
Daniel Stenberg	a2b943b115	digest: escape control codes too Since the username is decoded when used and control codes are accepted in HTTP usernames in general, the username encoding for the Digest auth needs to percent encode such bytes. Verified by test 3221 Reported-by: Trail of Bits Closes #21915	2026-06-09 09:20:47 +02:00

Author

SHA1

Message

Date

Daniel Stenberg

a2b943b115

digest: escape control codes too

Since the username is decoded when used and control codes are accepted
in HTTP usernames in general, the username encoding for the Digest auth
needs to percent encode such bytes.

Verified by test 3221

Reported-by: Trail of Bits
Closes #21915

2026-06-09 09:20:47 +02:00

1 commit