luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

transfer: do not clear the credentials on redirect to absolute URL

Browse Source 
Makes test 979 work. Regression shipped in 8.2.0 from commit
dd4d1a2695

Fixes #11486
Reported-by: Cloudogu Siebels
Closes #11492
This commit is contained in:
Daniel Stenberg 2023-07-20 23:28:19 +02:00
parent db1203781c
commit 90bdd2533c
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
1 changed files with 0 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/transfer.c
View File

@ -1558,10 +1558,6 @@ CURLcode Curl_follow(struct Curl_easy *data,
/* If this is not redirect due to a 401 or 407 response and an absolute
URL: don't allow a custom port number */
disallowport = TRUE;
if(!data->set.allow_auth_to_other_hosts) {
Curl_safefree(data->state.aptr.user);
Curl_safefree(data->state.aptr.passwd);
}
}
DEBUGASSERT(data->state.uh);