http, imap-send: stop using CURLOPT_VERBOSE
Whenever GIT_CURL_VERBOSE is set, teach Git to behave as if GIT_TRACE_CURL=1 and GIT_TRACE_CURL_NO_DATA=1 is set, instead of setting CURLOPT_VERBOSE. This is to prevent inadvertent revelation of sensitive data. In particular, GIT_CURL_VERBOSE redacts neither the "Authorization" header nor any cookies specified by GIT_REDACT_COOKIES. Unifying the tracing mechanism also has the future benefit that any improvements to the tracing mechanism will benefit both users of GIT_CURL_VERBOSE and GIT_TRACE_CURL, and we do not need to remember to implement any improvement twice. Signed-off-by: Jonathan Tan <jonathantanmy@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Jonathan Tan
committed by
Junio C Hamano
Junio C Hamano
parent
373e9bd66e
commit
7167a62b9e
@ -20,7 +20,7 @@ test_expect_success 'failure in git-upload-pack is shown' '
|
||||
test_might_fail env GIT_CURL_VERBOSE=1 \
|
||||
git clone "$HTTPD_URL/error_git_upload_pack/smart/repo.git" \
|
||||
2>curl_log &&
|
||||
grep "< HTTP/1.1 500 Intentional Breakage" curl_log
|
||||
grep "<= Recv header: HTTP/1.1 500 Intentional Breakage" curl_log
|
||||
'
|
||||
|
||||
test_done
|
||||
|
||||
Reference in New Issue
Block a user