diff options
Diffstat (limited to 'docs/TODO')
| -rw-r--r-- | docs/TODO | 34 |
1 files changed, 26 insertions, 8 deletions
@@ -73,7 +73,6 @@ 5.5 auth= in URLs 5.6 Refuse "downgrade" redirects 5.7 QUIC - 5.8 Leave secure cookies alone 6. TELNET 6.1 ditch stdin @@ -127,6 +126,7 @@ 15. WinSSL/SChannel 15.1 Add support for client certificate authentication 15.3 Add support for the --ciphers option + 15.4 Add option to disable client certificate auto-send 16. SASL 16.1 Other authentication mechanisms @@ -150,6 +150,7 @@ 18.8 offer color-coded HTTP header output 18.9 Choose the name of file in braces for complex URLs 18.10 improve how curl works in a windows console window + 18.11 Windows: set attribute 'archive' for completed downloads 18.12 keep running, read instructions from pipe/socket 18.13 support metalink in http headers 18.14 --fail without --location should treat 3xx as a failure @@ -605,13 +606,6 @@ implemented. This, to allow other projects to benefit from the work and to thus broaden the interest and chance of others to participate. -5.8 Leave secure cookies alone - - Non-secure origins (HTTP sites) should not be allowed to set or modify - cookies with the 'secure' property: - - https://tools.ietf.org/html/draft-ietf-httpbis-cookie-alone-01 - 6. TELNET @@ -883,6 +877,19 @@ that doesn't exist on the server, just like --ftp-create-dirs. - Specifying Schannel Ciphers and Cipher Strengths https://msdn.microsoft.com/en-us/library/windows/desktop/aa380161.aspx +15.4 Add option to disable client certificate auto-send + + Microsoft says "By default, Schannel will, with no notification to the client, + attempt to locate a client certificate and send it to the server." That could + be considered a privacy violation and unexpected. + + Some Windows users have come to expect that default behavior and to change the + default to make it consistent with other SSL backends would be a breaking + change. An option should be added that can be used to disable the default + Schannel auto-send behavior. + + https://github.com/curl/curl/issues/2262 + 16. SASL 16.1 Other authentication mechanisms @@ -1012,6 +1019,17 @@ that doesn't exist on the server, just like --ftp-create-dirs. window, the transfer is interrupted and can get disconnected. This can probably be improved. See https://github.com/curl/curl/issues/322 +18.11 Windows: set attribute 'archive' for completed downloads + + The archive bit (FILE_ATTRIBUTE_ARCHIVE, 0x20) separates files that shall be + backed up from those that are either not ready or have not changed. + + Downloads in progress are neither ready to be backed up, nor should they be + opened by a different process. Only after a download has been completed it's + sensible to include it in any integer snapshot or backup of the system. + + See https://github.com/curl/curl/issues/3354 + 18.12 keep running, read instructions from pipe/socket Provide an option that makes curl not exit after the last URL (or even work |