CURLOPT_UNRESTRICTED_AUTH(3)

1CURLOPT_UNRESTRICTED_AUTH(3)curl_easy_setopt optionsCURLOPT_UNRESTRICTED_AUTH(3)
2
3
4

NAME

6       CURLOPT_UNRESTRICTED_AUTH - send credentials to other hosts too
7

SYNOPSIS

9       #include <curl/curl.h>
10
11       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_UNRESTRICTED_AUTH,
12                                 long goahead);
13

DESCRIPTION

15       Set  the  long  gohead parameter to 1L to make libcurl continue to send
16       authentication (user+password) credentials  when  following  locations,
17       even when hostname changed. This option is meaningful only when setting
18       CURLOPT_FOLLOWLOCATION(3).
19
20       Further, when this option is not used or set to 0L,  libcurl  will  not
21       send custom set nor internally generated Authentication: headers on re‐
22       quests done to other hosts than the one used for the initial URL.
23
24       By default, libcurl will only send credentials and Authentication head‐
25       ers  to  the  initial  host name as given in the original URL, to avoid
26       leaking username + password to other sites.
27
28       This option should be used with caution: when curl follows redirects it
29       blindly  fetches the next URL as instructed by the server. Setting CUR‐
30       LOPT_UNRESTRICTED_AUTH(3) to 1L will therefore also make curl trust the
31       server  and  send  possibly  sensitive credentials to a host the server
32       points out.
33

DEFAULT

35       0
36

PROTOCOLS

38       HTTP
39

EXAMPLE

41       CURL *curl = curl_easy_init();
42       if(curl) {
43         curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
44         curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
45         curl_easy_setopt(curl, CURLOPT_UNRESTRICTED_AUTH, 1L);
46         curl_easy_perform(curl);
47       }
48

AVAILABILITY

50       Along with HTTP
51

RETURN VALUE

53       Returns CURLE_OK if HTTP is supported, and CURLE_UNKNOWN_OPTION if not.
54