mirror/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-01-26 15:03:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs/libcurl: mention sensitive data/headers

Browse Source 
In the CURLOPT_DEBUGFUNCTION and CURLOPT_VERBOSE documentation.

Mentioned-by: Gordon Parke
Fixes #17353
Closes #17355
This commit is contained in:
Daniel Stenberg 2025-05-15 11:02:55 +02:00
parent 8076824870
commit b4310c0fb9
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
2 changed files with 13 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/libcurl/opts/CURLOPT_DEBUGFUNCTION.md
View File

@ -51,11 +51,13 @@ Pass a pointer to your callback function, which should match the prototype
shown above.
CURLOPT_DEBUGFUNCTION(3) replaces the standard debug function used when
CURLOPT_VERBOSE(3) is in effect. This callback receives debug
information, as specified in the *type* argument. This function must
return 0. The *data* pointed to by the char * passed to this function is
not null-terminated, but is exactly of the *size* as told by the
*size* argument.
CURLOPT_VERBOSE(3) is in effect. This callback receives debug information, as
specified in the *type* argument. This function must return 0. The *data*
pointed to by the char * passed to this function is not null-terminated, but
is exactly of the *size* as told by the *size* argument.
**WARNING** this callback may receive sensitive contents from headers and
data, including information sent as **CURLINFO_TEXT**.
The *clientp* argument is the pointer set with CURLOPT_DEBUGDATA(3).

10
docs/libcurl/opts/CURLOPT_VERBOSE.md
View File

@ -28,10 +28,10 @@ CURLcode curl_easy_setopt(CURL *handle, CURLOPT_VERBOSE, long onoff);
# DESCRIPTION
Set the *onoff* parameter to 1 to make the library display a lot of
verbose information about its operations on this *handle*. Useful for
libcurl and/or protocol debugging and understanding. The verbose information
is sent to stderr, or the stream set with CURLOPT_STDERR(3).
Set the *onoff* parameter to 1 to make the library display a lot of verbose
information about its operations on this *handle*. Useful for libcurl and/or
protocol debugging and understanding. The verbose information is sent to
stderr, or the stream set with CURLOPT_STDERR(3).
You hardly ever want this enabled in production use, you almost always want
this used when you debug/report problems.
@ -39,6 +39,8 @@ this used when you debug/report problems.
To also get all the protocol data sent and received, consider using the
CURLOPT_DEBUGFUNCTION(3).
**WARNING** this may show sensitive contents from headers and data.
# DEFAULT
0, meaning disabled.