Change #274799
| Category | wget |
| Changed by | Acts1631 <acts1611kjv@proton.me> |
| Changed at | Mon 13 Jul 2026 21:22:41 |
| Repository | https://gitlab.com/gnuwget/wget.git |
| Project | wget |
| Branch | master |
| Revision | 402095ad274b0e052ee1932f12844d4dc1a056be |
Comments
http: filter Proxy-Authorization on cross-host redirects * src/http.c (unredirectable_headerline): Filter Proxy-Authorization headers. A user-provided Proxy-Authorization header is forwarded after a redirect to a different hostname or port. A redirect destination can then obtain a value that was intended for the original site. Drop this header along with Authorization and Cookie on such redirects. Copyright-paperwork-exempt: Yes
Changed files
- src/http.c