| _ _ ____ _ |
| ___| | | | _ \| | |
| / __| | | | |_) | | |
| | (__| |_| | _ <| |___ |
| \___|\___/|_| \_\_____| |
| |
| TODO |
| |
| Things to do in project cURL. Please tell me what you think, contribute and |
| send me patches that improve things! Also check the http://curl.haxx.se/dev |
| web section for various development notes. |
| |
| LIBCURL |
| |
| * Consider an interface to libcurl that allows applications to easier get to |
| know what cookies that are sent back in the response headers. |
| |
| * Make content encoding/decoding internally be made using a filter system. |
| |
| * The new 'multi' interface is being designed. Work out the details, start |
| implementing and write test applications! |
| [http://curl.haxx.se/dev/multi.h] |
| |
| * Add a name resolve cache to libcurl to make repeated fetches to the same |
| host name (when persitancy isn't available) faster. |
| |
| * Introduce another callback interface for upload/download that makes one |
| less copy of data and thus a faster operation. |
| [http://curl.haxx.se/dev/no_copy_callbacks.txt] |
| |
| * Add configure options that disables certain protocols in libcurl to |
| decrease footprint. '--disable-[protocol]' where protocol is http, ftp, |
| telnet, ldap, dict or file. |
| |
| * Add asynchronous name resolving. http://curl.haxx.se/dev/async-resolver.txt |
| |
| * Strip any trailing CR from the error message when Curl_failf() is used. |
| |
| DOCUMENTATION |
| |
| * Document all CURLcode error codes, why they happen and what most likely |
| will make them not happen again. |
| |
| FTP |
| |
| * FTP ASCII upload does not follow RFC959 section 3.1.1.1: "The sender |
| converts the data from an internal character representation to the standard |
| 8-bit NVT-ASCII representation (see the Telnet specification). The |
| receiver will convert the data from the standard form to his own internal |
| form." |
| |
| * An option to only download remote FTP files if they're newer than the local |
| one is a good idea, and it would fit right into the same syntax as the |
| already working http dito works. It of course requires that 'MDTM' works, |
| and it isn't a standard FTP command. |
| |
| * Suggested on the mailing list: CURLOPT_FTP_MKDIR...! |
| |
| * Always use the FTP SIZE command before downloading, as that makes it more |
| likely that we know the size when downloading. Some sites support SIZE but |
| don't show the size in the RETR response! |
| |
| HTTP |
| |
| * HTTP PUT for files passed on stdin *OR* when the --crlf option is |
| used. Requires libcurl to send the file with chunked content |
| encoding. [http://curl.haxx.se/dev/HTTP-PUT-stdin.txt] When the filter |
| system mentioned above gets real, it'll be a piece of cake to add. |
| |
| * "Content-Encoding: compress/gzip/zlib" HTTP 1.1 clearly defines how to get |
| and decode compressed documents. There is the zlib that is pretty good at |
| decompressing stuff. This work was started in October 1999 but halted again |
| since it proved more work than we thought. It is still a good idea to |
| implement though. This requires the filter system mentioned above. |
| |
| * Authentication: NTLM. Support for that MS crap called NTLM |
| authentication. MS proxies and servers sometime require that. Since that |
| protocol is a proprietary one, it involves reverse engineering and network |
| sniffing. This should however be a library-based functionality. There are a |
| few different efforts "out there" to make open source HTTP clients support |
| this and it should be possible to take advantage of other people's hard |
| work. http://modntlm.sourceforge.net/ is one. There's a web page at |
| http://www.innovation.ch/java/ntlm.html that contains detailed reverse- |
| engineered info. |
| |
| * RFC2617 compliance, "Digest Access Authentication" |
| A valid test page seem to exist at: |
| http://hopf.math.nwu.edu/testpage/digest/ |
| And some friendly person's server source code is available at |
| http://hopf.math.nwu.edu/digestauth/index.html |
| Then there's the Apache mod_digest source code too of course. It seems as |
| if Netscape doesn't support this, and not many servers do. Although this is |
| a lot better authentication method than the more common "Basic". Basic |
| sends the password in cleartext over the network, this "Digest" method uses |
| a challange-response protocol which increases security quite a lot. |
| |
| TELNET |
| |
| * Make TELNET work on windows98! |
| |
| SSL |
| |
| * Add an interface to libcurl that enables "session IDs" to get |
| exported/imported. Cris Bailiff said: "OpenSSL has functions which can |
| serialise the current SSL state to a buffer of your choice, and |
| recover/reset the state from such a buffer at a later date - this is used |
| by mod_ssl for apache to implement and SSL session ID cache" |
| |
| * Make curl's SSL layer option capable of using other free SSL libraries. |
| Such as the Mozilla Security Services |
| (http://www.mozilla.org/projects/security/pki/nss/) and GNUTLS |
| (http://gnutls.hellug.gr/) |
| |
| CLIENT |
| |
| * "curl ftp://site.com/*.txt" |
| |
| * Several URLs can be specified to get downloaded. We should be able to use |
| the same syntax to specify several files to get uploaded (using the same |
| persistant connection), using -T. |
| |
| * Say you have a list of FTP addresses to download in a file named |
| ftp-list.txt: "cat ftp-list.txt | xargs curl -O -O -O [...]". curl _needs_ |
| an "-Oalways" flag -- all addresses on the command line use the base |
| filename to store locally. Else a script must precount the # of URLs, |
| construct the proper number of "-O"s... |
| |
| TEST SUITE |
| |
| * Extend the test suite to include more protocols. The telnet could just do |
| ftp or http operations (for which we have test servers). |
| |
| * Make the test suite work on more platforms. OpenBSD and Mac OS. Remove |
| fork()s and it should become even more portable. |
| |
| * Introduce a test suite that tests libcurl better and more explicitly. |