On Fri, 11 Jan 2019, Ray Satiro via curl-library wrote:
I think the developer should not have to worry about problems like that.
I don't think this would be a particular developer worry. The error message/logging texts should clearly state the reason for why it didn't work as intended so if users report errors to the applications after having used *INHIBIT, the application author could just explain that. Or even better: the user would understand that already based on the error output.
This could be a rather efficient way for users to detect if their favorite applications are using features/protocols that they shouldn't. Like insecure protocols or non-verified TLS servers.
I see a world where everyone starts peppering their scripts to nullify CURL_INHIBIT.
I'm not so sure that is the obvious outcome. A future script that sets CURL_INHIBIT would signal to the world that it is shady and potentially is using curl in a insecure or unrecommend way...
-- / daniel.haxx.se ------------------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
