allow null values for username and password - libcurl problems #111
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Currently no null values are allowed for username and password.
This leads to potentially undesired behavior when guzzle/psr7 is used as Uri builder.
See this line https://github.com/guzzle/psr7/blob/2.6/src/Uri.php#L438
Currently only strings are allowed which means any url without any auth information will be built like this:
This is seemingly not an issue for older curl versions.
We had the case where we upgraded from libcurl 7.79.1 to 8.0.1 and our application stopped working. This is because newer curl versions respect empty Http Basic auth and still set the proper header values. In our case this prevented the communication to AWS OpenSearch, since no authentication was expected.
If like in our case no authentication should be used, valid yaml null values like
nulland~could be used to type safe set those to null.Let me know if you need changes or more information.