Commit Graph

28 Commits

Author SHA1 Message Date
Daniel Stenberg
f98344c4ae
man pages: simplify the .TH sections
- remove the version numbers
- simplify the texts

The date and version number will be put there for releases when maketgz
runs the updatemanpages.pl script.

Closes #11029
2023-04-26 10:17:13 +02:00
Daniel Stenberg
2bc1d775f5
copyright: update all copyright lines and remove year ranges
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING

checksrc is updated to allow non-year using copyright statements

Closes #10205
2023-01-03 09:19:21 +01:00
Daniel Stenberg
fd1ce3d4b0
docs: spellfixes
Pointed by the new CI job
2022-09-21 15:20:08 +02:00
Samuel Henrique
aa34135e8f
libcurl-security.3: fix typo on macro "SH_"
During the packaging of the latest curl release for Debian, Lintian
warned me about a typo which causes the section name "Secrets in memory"
to not be rendered in the manpage due to "SH_" not being recognized as a
header.

Closes #9057
2022-06-27 23:59:18 +02:00
max.mehl
ad9bc5976d
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.

This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.

Closes #8869
2022-06-13 09:13:00 +02:00
Haxatron
23408f1fd2 libcurl-security.3: Document CRLF header injection
- Document that user input to header options is not sanitized, which
  could result in CRLF used to modify the request in a way other than
  what was intended.

Ref: https://hackerone.com/reports/1589877
Ref: https://medium.com/@tomnomnom/crlf-injection-into-phps-curl-options-e2e0d7cfe545

Closes https://github.com/curl/curl/pull/8964
2022-06-08 02:32:35 -04:00
Daniel Stenberg
7f2e1d345a
libcurl-security.3: add "Secrets in memory"
Closes #8881
2022-05-20 17:36:25 +02:00
Dan Fandrich
bedd44f434 libcurl-security.3: mention address and URL mitigations
The new CURLOPT_PREREQFUNCTION callback is another way to sanitize
addresses.
Using the curl_url API is a way to mitigate against attacks relying on
URL parsing differences.
2021-12-15 00:14:29 -08:00
Daniel Stenberg
76d6e719d9
docs: address proselint nits
- avoid exclamation marks
- use consistent number of spaces after periods: one
- avoid clichés
- avoid using 'very'

Closes #8060
2021-11-26 14:27:07 +01:00
Daniel Stenberg
a28464ae77
docs: reduce/avoid English contractions
You're => You are
Hasn't => Has not
Doesn't => Does not
Don't => Do not
You'll => You will
etc

Closes #7930
2021-11-07 23:16:27 +01:00
Daniel Stenberg
92efb3db7e
docs: reduce use of "very"
"Very" should be avoided in most texts. If intensifiers are needed, try
find better words instead.

Closes #7936
2021-11-01 16:13:12 +01:00
Daniel Stenberg
933c61e4fc
libcurl-security.3: mention file descriptors and forks
... and move the security report section last.

Reported-by: Harry Sintonen
Closes #7270
2021-06-17 17:11:40 +02:00
Daniel Gustafsson
772eacb2e3 docs: fix typos 2021-05-31 12:47:15 +02:00
Daniel Stenberg
2e23f3b8d5
libcurl-security.3: be careful of setuid
Reported-by: Harry Sintonen
Closes #6970
2021-04-27 07:51:42 +02:00
Daniel Stenberg
7fdf01f32e
libcurl-security.3: don't try to filter IPv4 hosts based on the URL
Closes #6942
2021-04-26 10:25:03 +02:00
Daniel Stenberg
4d2f800677
curl.se: new home
Closes #6172
2020-11-04 23:59:47 +01:00
Daniel Stenberg
83cc966708
man pages: switch to https://example.com URLs
Since HTTPS is "the new normal", this update changes a lot of man page
examples to use https://example.com instead of the previous "http://..."

Closes #5969
2020-09-17 16:28:18 +02:00
Daniel Stenberg
0845ecbb6d
docs: add warnings about FILE: URLs on Windows
- --url man page section
 - libcurl-security.3 gets the full text
 - CURLOPT_URL.3

Reported-by: Tim Sedlmeyer
2020-03-13 16:56:41 +01:00
Jay Satiro
e8442e4ffc libcurl: Restrict redirect schemes (follow-up)
- Allow FTPS on redirect.

- Update default allowed redirect protocols in documentation.

Follow-up to 6080ea0.

Ref: https://github.com/curl/curl/pull/4094

Closes https://github.com/curl/curl/pull/4115
2019-07-17 00:48:40 -04:00
Daniel Stenberg
02a62074c7
libcurl-security.3: update to new CURLOPT_REDIR_PROTOCOLS defaults
follow-up to 6080ea098
2019-07-14 16:32:50 +02:00
Viktor Szakats
b801b453af whitespace fixes
- replace tabs with spaces where possible
- remove line ending spaces
- remove double/triple newlines at EOF
- fix a non-UTF-8 character
- cleanup a few indentations/line continuations
  in manual examples

Closes https://github.com/curl/curl/pull/3037
2018-09-23 22:24:02 +00:00
Daniel Stenberg
71d35e4a1d
libcurl-security.3: improved layout for two rememdy lists 2018-05-31 11:19:05 +02:00
Daniel Stenberg
5f07fca8f7
libcurl-security.3: refer to URL instead of in-source markdown file 2018-05-31 11:11:38 +02:00
Jakub Wilk
24e8355877 docs: fix typos
Closes https://github.com/curl/curl/pull/2503
2018-04-17 15:32:51 -04:00
Daniel Stenberg
63f6b3b220
libcurl-security.3: separate file:// section
... just to make it more apparent. Even if it repeats
some pieces of information.
2018-02-13 14:04:04 +01:00
Daniel Stenberg
1e720400aa
libcurl-security.3: the http://192.168.0.1/my_router_config case
Mentioned-By: Rich Moore
2018-02-13 13:54:11 +01:00
Daniel Stenberg
03b7b2e8fc
libcurl-security.3: mention the URL standards problems too 2018-02-13 12:05:43 +01:00
Daniel Stenberg
3901842055
libcurl-security.3: split out from libcurl-tutorial.3
To make more accessible.

Merged in some new language from "URLs are dangerous things" as discussed on
the mailing list a few days ago:

Bug: https://curl.haxx.se/mail/lib-2018-02/0013.html
2018-02-13 12:02:09 +01:00