On 12/13/21 19:42, Daniel Stenberg via curl-library wrote:
On Mon, 13 Dec 2021, Howard Chu via curl-library wrote:
- Reject: before attempting connection.
Probably this, since RFC 4516 doesn't specify that userinfo is valid
in an LDAP URL. RFC 4516 seems to assume that if authentication is
going to be done, it is configured elsewhere in a client and so
doesn't need to be part of URLs themselves.
I agree. If the spec doesn't allow it and there's no history or other
usage of this in other (well known) applications, then rejecting such
URLs as early as possible seems like the right choice to me.
Thank you both for your replies. I will work in this direction.
Patrick
--
Unsubscribe: https://lists.haxx.se/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
