[ZBXNEXT-9855] Web Monitoring with redirects should include Authorization headers - ZABBIX SUPPORT

Type: New Feature Request
Resolution: Unresolved
Priority: Trivial
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Web Monitoring with redirects needs an option to send authentication credentials to the target.

Currently Zabbix uses CURLOPT_FOLLOWLOCATION option of libcurl to follow redirects, but curl 7.58.0 or later no longer send authorization headers to subsequent hosts. This may interfere with web monitoring.
CURLOPT_UNRESTRICTED_AUTH must be enabled to follow redirects.
Related fix of libcurl: https://curl.se/docs/CVE-2018-1000007.html

This request is derived from ZBX-26011

related to

ZBX-26011 Web Monitoring Authentication Handling During Redirects

Need info

Assignee:: Unassigned

Reporter:: Sayaka Hirai

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2025 Feb 27 05:25

Updated:: 2025 Feb 27 05:40

Details

Description

Attachments

Issue Links

Activity

People

Dates