Feature Request: Restrict protocols

[afflerbach]

Hi Mike!

We’re interested in restricting the protocols the client is allowed to use. As far as I know, there’s currently no way to configure options like CURLOPT_PROTOCOLS_STR, CURLOPT_REDIR_PROTOCOLS_STR, or CURLOPT_DEFAULT_PROTOCOL.
Or are there any other approaches to achieve this?

Are there any plans on your side to support these options? For example:

$request->setOptions([
  "protocols" => "http,https", 
  "redir_protocols" => "http,https", 
  "default_protocol" => "https"
]);

If not, would php_http_curle_options_init be the right place to implement such support? Thanks!

[m6w6]

Yes, there's quite a backlog on unsupported newer CURL options 😞, and yes, curle_options is the right place to implement CURLOPTs 👍

[afflerbach]

Any feedback on the PR? Would this be the right direction?