[arch-dev-public] libpsl support for wget and curl (moving libpsl to [core])
anthraxx at archlinux.org
Mon Nov 14 11:39:31 UTC 2016
I would like to move libpsl to [core] and, if no objections arise,
rebuild wget and curl against it. Doing so will protect against some
problems related to insufficient checking of TLDs (f.e. ).
Q: What is libpsl?
A: A C library to handles the Public Suffix List . It was created
out of wget itself and turned into a library so others (like curl)
could benefit from it.
Q: What does it protect against?
A: - "supercookies" -> cookie checking, cookie domain verification
- "super domain certificates" -> overly permissive hostname matching
Q: What does upstream recommend?
A: Both, curl and wget, advocate the use of libpsl in their projects if
Q: How big is this package?
A: Not even noticeable, 41K while packed (tar.xz) and 92K unpacked.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: OpenPGP digital signature
More information about the arch-dev-public