NAME

CURLOPT_UNRESTRICTED_AUTH - send credentials to other hosts too

SYNOPSIS

#include <curl/curl.h>


CURLcode curl_easy_setopt(CURL *handle, CURLOPT_UNRESTRICTED_AUTH,
                          long goahead);

DESCRIPTION

Set the long gohead parameter to 1L to make libcurl continue to send authentication (user+password) credentials when following locations, even when hostname changed. This option is meaningful only when setting CURLOPT_FOLLOWLOCATION(3).
 
Further, when this option is not used or set to 0L, libcurl will not send custom set nor internally generated Authentication: headers on requests done to other hosts than the one used for the initial URL.
 
By default, libcurl will only send credentials and Authentication headers to the initial host name as given in the original URL, to avoid leaking username + password to other sites.
 
This option should be used with caution: when curl follows redirects it blindly fetches the next URL as instructed by the server. Setting to 1L will therefore also make curl trust the server and send possibly sensitive credentials to a host the server points out.

DEFAULT

0

PROTOCOLS

HTTP

EXAMPLE

CURL *curl = curl_easy_init();
if(curl) {
  curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
  curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
  curl_easy_setopt(curl, CURLOPT_UNRESTRICTED_AUTH, 1L);
  curl_easy_perform(curl);
}

AVAILABILITY

Along with HTTP

RETURN VALUE

Returns CURLE_OK if HTTP is supported, and CURLE_UNKNOWN_OPTION if not.

SEE ALSO

CURLOPT_FOLLOWLOCATION(3), CURLOPT_USERPWD(3),

Recommended readings

Pages related to CURLOPT_UNRESTRICTED_AUTH you should read also:
CURLOPT_FOLLOWLOCATION(3) CURLOPT_USERPWD(3)

Questions & Answers

Helpful answers and articles about CURLOPT_UNRESTRICTED_AUTH you may found on these sites:
Stack Overflow Server Fault Super User Unix & Linux Ask Ubuntu Network Engineering DevOps Raspberry Pi Webmasters Google Search