From 7d6d272b7d04cf6640145f5381c39193e40ba5f8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A9ter=20Dimitrov?= <peterdmv@erlang.org>
Date: Wed, 1 Nov 2017 13:05:22 +0100
Subject: inets: Fix http content injection bug in httpc

- uri_string module used for parsing URIs.
- Removed url_encode option as only valid URIs shall be handled
  by the http client.
- The client rejects URIs that are not compliant with RFC 3986.

Change-Id: I0a5b9766f6463a9802e0b02b445a2c4c91f02236
---
 lib/inets/doc/src/httpc.xml | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

(limited to 'lib/inets/doc')

diff --git a/lib/inets/doc/src/httpc.xml b/lib/inets/doc/src/httpc.xml
index 29e4b22632..58714328c5 100644
--- a/lib/inets/doc/src/httpc.xml
+++ b/lib/inets/doc/src/httpc.xml
@@ -287,8 +287,7 @@
                            {autoredirect,    boolean()} | 
                            {proxy_auth, {userstring(), passwordstring()}} | 
                            {version,         http_version()} | 
-                           {relaxed,         boolean()} |
-	                   {url_encode,      boolean()}</v>
+                           {relaxed,         boolean()}</v>
         <v>timeout() = integer() >= 0 | infinity</v>
         <v>Options = options()</v>
         <v>options() = [option()]</v>
@@ -379,13 +378,6 @@
 	    from the HTTP-standard are enabled.</p>
             <p>Default is <c>false</c>.</p>
 	  </item>
-
-	  <tag><c><![CDATA[url_encode]]></c></tag>
-          <item>
-            <p>Applies Percent-encoding, also known as URL encoding on the 
-	    URL.</p>
-	    <p>Default is <c>false</c>.</p>
-	  </item>
         </taglist>
 
         <p>Option (<c>option()</c>) details:</p>
-- 
cgit v1.2.3