lambdafu
commented
6 years ago Original report here: https://github.com/nodejs/node/issues/19468
Closed lambdafu closed 6 years ago
lambdafu
commented
6 years ago Original report here: https://github.com/nodejs/node/issues/19468
lambdafu
commented
6 years ago Fixed by #62.
Mismatching URL parser can lead to security problems (for example whitelisting domain names such as "brave.com%60x.code-fu.org"). Currently, NeoPG does only check the protocol, but in case we want to do more, this issue shall remind us to be careful.
Unfortunately, libcurl doesn't expose the URL parser yet: https://github.com/curl/curl/issues/2412