Download
Browse source Changelog tiny-curl
Documentation
Project   Bug Bounty   Help us   Known bugs   TODO Protocols   CA bundle   HTTP Cookies   HTTP/2   SSL Certs Releases   Security   Version numbers   Vulnerabilities curl tool   man page   Tutorial   HTTP scripting Who and Why
libcurl
ABI API Competitors Examples Features Mailing list Related libs Using libcurl Tutorial Testimonials
Get Help
curl-library curl-users Mailing lists Book: Everything curl Video presentations Report a bug Paid support
Development
Autobuilds Code review Code style Contribute Dashboard Deprecate Internals Release Notes Release Procedure Roadmap Run Tests Security Process Specifications Test curl
News
Changelog Release table
curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Thoughts on HSTS

From: Daniel Stenberg via curl-library <curl-library_at_cool.haxx.se>
Date: Wed, 2 Sep 2020 10:30:45 +0200 (CEST)

On Wed, 2 Sep 2020, Stefan Eissing wrote:

> But the persistence seems not usable. I cannot specify a file to libcurl, as
> process privileges will change during the lifetime of the server and also
> because it will live in several child processes.
>
> Would it be an idea to let the hosting application provide some sort of
> persistence callbacks? Or is there already such a thing?

I've considered providing a way to store the hsts cache as something else than
a file, perhaps with a callback - which would match up fine with a
corresponding API to preload a set of host names (== load the cache from a
custom place).

I do however ponder on leaving that idea for "later", unless someone speaks up
and has a real use case for it already. This, because I suspect most
applications will manage fine to without custom cache persistance and just
preloading a list of host names on startup that it *knows* are HTTPS-only. 

-- 
  / daniel.haxx.se | Commercial curl support up to 24x7 is available!
                   | Private help, bug fixes, support, ports, new features
                   | https://www.wolfssl.com/contact/
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette:   https://curl.haxx.se/mail/etiquette.html
Received on 2020-09-02