SFML community forums
Help => Network => Topic started by: binary1248 on September 09, 2013, 09:05:34 am
-
I already had a feeling that SFML didn't support HTTPS due to the fact that it doesn't link in any SSL libraries, so I checked the source just for fun. I found some code that parses https:// URIs and connects to the server on port 443 to send a "normal" HTTP request. Is this really necessary? I don't think it's a good idea to pretend to the user that SFML has invisible HTTPS support and just fail every connection attempt after sending potentially sensitive data (yes... this might be a security risk). An error/warning message on the console should be enough when trying to do this.
Until you decide on real HTTPS support can't you just prevent that needless connection establishment from taking place and tell the user HTTPS support doesn't exist yet? You said yourself here (https://github.com/SFML/SFML/pull/330) that you would think about removing the code but until now it still exists.
-
Yes, I will remove the corresponding code.
Thanks for reminding me.
-
Done.
-
Sorry for this idiotically big grave dig but since the https 'support' has been removed the comments for doxygen docs are wrong in Http.hpp because they say that if not specified the right port is chosen automatically 'according to the protocol used (80 for HTTP, 443 for HTTPS)' suggesting that https is supported.
-
Indeed. I fixed it, thanks. I also added an explicit note that HTTPS is not supported.