On Tue, 28 Apr 2020, Blake Burkhart via curl-library wrote:
> What are the security implications of enabling redirects during uploads? The
> security considerations page[1] says “When uploading, a redirect can cause a
> local (or remote) file to be overwritten.” and mentions
> CURLOPT_FOLLOWLOCATION, but as of Curl 7.19.4 it is no longer possible to
> HTTP redirect to local files with the FILE protocol.
It is still *possible*, it is just not enabled by default.
> Is the impact limited to overwriting an unexpected remote URL (on any
> allowed protocol)? Or if a URL is user specified, overwriting a local file?
Those are certainly two obvious risks, yes. I can't exclude that there are
others as well.
--
/ daniel.haxx.se | Commercial curl support up to 24x7 is available!
| Private help, bug fixes, support, ports, new features
| https://www.wolfssl.com/contact/
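The risk discussed above is that a redirected upload re-sends the request body to whatever URL the server names in Location, and that the target may use a protocol the caller never intended (including FILE if it is enabled). libcurl's controls for this are CURLOPT_FOLLOWLOCATION, CURLOPT_PROTOCOLS and CURLOPT_REDIR_PROTOCOLS. The following is an added example, not curl code and not from this thread: a stdlib-only Python model of the same policy, with a redirect check that an upload-aware client would apply before following. The URLs, method list and the `UploadSafeRedirectHandler` class name are constructed for the illustration.

```python
"""Redirect policy for uploads.

Added illustration of the upload-redirect risk: a PUT/POST that follows a
redirect re-sends its body to the new target, so the target's scheme and host
must be constrained, or upload redirects refused outright.  libcurl does this
via CURLOPT_REDIR_PROTOCOLS / CURLOPT_PROTOCOLS; this is a stdlib-only model of
that policy, not curl's implementation.
"""
import urllib.request
from urllib.error import HTTPError
from urllib.parse import urljoin, urlsplit

# Policy choices (assumptions for this example): redirects may only land on
# https, and methods that carry a body are treated as uploads.
ALLOWED_REDIRECT_SCHEMES = ("https",)
UPLOAD_METHODS = ("PUT", "POST", "PATCH")


def redirect_target(original_url: str, location: str) -> str:
    """Resolve the Location header the way a client would.

    Location may be relative ("/other/path"); urljoin keeps an absolute
    Location (including a different scheme such as file://) unchanged.
    """
    return urljoin(original_url, location)


def redirect_allowed(original_url: str, location: str, method: str,
                     allow_upload_redirects: bool = False):
    """Decide whether a redirect should be followed.

    Returns (allowed, reason, resolved_target).  Checks run in order:
    1. target scheme must be in ALLOWED_REDIRECT_SCHEMES (blocks file://, http://)
    2. target host must equal the original host (blocks sending the body elsewhere)
    3. uploads are not redirected unless the caller opts in
    """
    target = redirect_target(original_url, location)
    parts = urlsplit(target)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_REDIRECT_SCHEMES:
        return (False, f"redirect to scheme {scheme or '<none>'!r} is not permitted", target)
    if parts.hostname != urlsplit(original_url).hostname:
        return (False, "redirect leaves the original host", target)
    if method.upper() in UPLOAD_METHODS and not allow_upload_redirects:
        return (False, "upload body would be re-sent to the redirect target", target)
    return (True, "ok", target)


class UploadSafeRedirectHandler(urllib.request.HTTPRedirectHandler):
    """urllib handler that enforces redirect_allowed before following.

    Hypothetical class for the example; a blocked redirect surfaces as an
    HTTPError instead of silently re-sending the request.
    """

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        ok, reason, target = redirect_allowed(req.full_url, newurl, req.get_method())
        if not ok:
            raise HTTPError(req.full_url, code, f"redirect blocked: {reason} ({target})",
                            headers, fp)
        return super().redirect_request(req, fp, code, msg, headers, newurl)


def build_opener():
    """Opener that applies the policy to every redirect it sees."""
    return urllib.request.build_opener(UploadSafeRedirectHandler())


if __name__ == "__main__":
    # Constructed cases, no network access required.
    origin = "https://upload.example.test/put/report.bin"
    cases = [
        ("file:///tmp/report.bin", "PUT"),          # local file target
        ("http://upload.example.test/x", "PUT"),     # downgrade to cleartext
        ("https://other.example.test/x", "PUT"),     # different host
        ("/put/report-v2.bin", "PUT"),               # same host, upload
        ("/put/report-v2.bin", "GET"),               # same host, no body
    ]
    for location, method in cases:
        ok, reason, target = redirect_allowed(origin, location, method)
        print(f"{method:4} -> {target:45} {'follow' if ok else 'block'}: {reason}")
```

Whether to opt in via `allow_upload_redirects=True` is the same decision libcurl leaves to the caller with CURLOPT_FOLLOWLOCATION; the scheme and host checks are the part that should not be skipped, since they are what keep an upload from landing on a file:// or third-party target.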
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html