summaryrefslogtreecommitdiff
path: root/t/t5100/msg0012
diff options
context:
space:
mode:
authorLibravatar Jonathan Tan <jonathantanmy@google.com>2020-05-11 10:43:10 -0700
committerLibravatar Junio C Hamano <gitster@pobox.com>2020-05-11 11:18:01 -0700
commit7167a62b9e2f648adc11411446f876f2458722a5 (patch)
treeeb0b58dfdde6cd2ad37d1aff90f10ebb41c65f56 /t/t5100/msg0012
parentt5551: test that GIT_TRACE_CURL redacts password (diff)
downloadtgif-7167a62b9e2f648adc11411446f876f2458722a5.tar.xz
http, imap-send: stop using CURLOPT_VERBOSE
Whenever GIT_CURL_VERBOSE is set, teach Git to behave as if GIT_TRACE_CURL=1 and GIT_TRACE_CURL_NO_DATA=1 is set, instead of setting CURLOPT_VERBOSE. This is to prevent inadvertent revelation of sensitive data. In particular, GIT_CURL_VERBOSE redacts neither the "Authorization" header nor any cookies specified by GIT_REDACT_COOKIES. Unifying the tracing mechanism also has the future benefit that any improvements to the tracing mechanism will benefit both users of GIT_CURL_VERBOSE and GIT_TRACE_CURL, and we do not need to remember to implement any improvement twice. Signed-off-by: Jonathan Tan <jonathantanmy@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 't/t5100/msg0012')
0 files changed, 0 insertions, 0 deletions