Web Monitoring with redirects should include Authorization headers

XMLWordPrintable

    • Type: New Feature Request
    • Resolution: Unresolved
    • Priority: Trivial
    • None
    • Affects Version/s: None
    • Component/s: None
    • None

      Web Monitoring with redirects needs an option to send authentication credentials to the target.

      Currently Zabbix uses CURLOPT_FOLLOWLOCATION option of libcurl to follow redirects, but curl 7.58.0 or later no longer send authorization headers to subsequent hosts. This may interfere with web monitoring.
      CURLOPT_UNRESTRICTED_AUTH must be enabled to follow redirects.
      Related fix of libcurl: https://curl.se/docs/CVE-2018-1000007.html

      This request is derived from ZBX-26011

            Assignee:
            Unassigned
            Reporter:
            Sayaka Hirai
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: