New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Mask password passed in as command line arg like mysql #3680
Comments
If you provide the name and password with the dedicated |
I don't think we should clear the entire proxy string just because someone might pass their credentials there. We could consider scrubbing out them from the string, but since we have a working way to do this I don't think we have to. |
Yes -U masks just fine. Good to know. Might be worth adding to man page. |
Thanks |
Suggested-by: Eric Curtin Improved-by: Dan Fandrich Ref: #3680
Hehe, I was a whole minute faster! |
@ericcurtin are you ok with us closing this issue now? |
|
I did this
curl -x https://user:password@your-proxy-ip-addess:12/ http://www.google.com
ps -ef | grep curl
curtine 7859 3321 0 17:32 pts/1 00:00:00 curl -x https://user:password@your-proxy-ip-addess:12/ http://www.google.com
I expected the following
Masked password for proxy password. Like mysql does https://unix.stackexchange.com/questions/78757/securely-feeding-a-program-with-a-password
curl/libcurl version
curl 7.58.0 (x86_64-pc-linux-gnu) libcurl/7.58.0 OpenSSL/1.1.0g zlib/1.2.11 libidn2/2.0.4 libpsl/0.19.1 (+libidn2/2.0.4) nghttp2/1.30.0 librtmp/2.3
Release-Date: 2018-01-24
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets HTTPS-proxy PSL
operating system
ubuntu 18.04
The text was updated successfully, but these errors were encountered: