5.6 Refuse "downgrade" redirects

author Daniel Stenberg <daniel@haxx.se>

Sat, 30 May 2015 22:39:19 +0000 (00:39 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Sat, 30 May 2015 22:39:19 +0000 (00:39 +0200)
author Daniel Stenberg <daniel@haxx.se>
Sat, 30 May 2015 22:39:19 +0000 (00:39 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Sat, 30 May 2015 22:39:19 +0000 (00:39 +0200)
diff --git a/docs/TODO b/docs/TODO

index 0ffa8df816d155eabba34e79d9135d3639f5de26..7791ea2915e8bf77d47fd31d6ada2a999ac796c9 100644 (file)
--- a/docs/TODO
+++ b/docs/TODO
@@ -49,6 +49,7 @@
   5.3 Rearrange request header order
   5.4 SPDY
   5.5 auth= in URLs
+ 5.6 Refuse "downgrade" redirects
  
   6. TELNET
   6.1 ditch stdin
@@ -348,6 +349,14 @@ This is not detailed in any FTP specification.
  
   Additionally this should be implemented for proxy base URLs as well.
  
+5.6 Refuse "downgrade" redirects
+
+ See https://github.com/bagder/curl/issues/226
+
+ Consider a way to tell curl to refuse to "downgrade" protocol with a redirect
+ and/or possibly a bit that refuses redirect to change protocol completely.
+
+
  6. TELNET
  
  6.1 ditch stdin
author	Daniel Stenberg <daniel@haxx.se>
	Sat, 30 May 2015 22:39:19 +0000 (00:39 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Sat, 30 May 2015 22:39:19 +0000 (00:39 +0200)