Giter Site home page Giter Site logo

Comments (4)

Roadmaster avatar Roadmaster commented on August 14, 2024

Hi! The readme says

It does NO certificate verification (which would be pointless)

The reason is that certificate verification will NOT match the originating hostname (because it's a hacked IP).

As for session.get, you don't need an address there because you specified it in the previous line where you do session.mount. What you specify to session.get is a path relative to the address given to session.mount - this is no different from normal Requests usage.

from forcediphttpsadapter.

sandroden avatar sandroden commented on August 14, 2024

hi,

I did read the readme. What puzzles me is that if I change the resolution in /etc/hosts that's a way to get a hacked IP, but in that situation, I can have a correct ssl connection with validation and so on. So I personally don't understand what's different here. I know nothing of how SNI is implemented though. I'd say that no matter how you get the IP (from /etc/hosts or from --force-ip) the rest seems pretty much the same to me.

The idea that certification would be pointless is far from objective. Eg: I like to verify that a setup works before publishing it, that I thought was the use case at the base of this adapter.

As far as the last point, I had errors, and reading requests' documentation:

The mount call registers a specific instance of a Transport Adapter to a prefix. Once mounted, any HTTP request made using that session whose URL starts with the given prefix will use the given Transport Adapter.

so I interpreted as routing mecanism: when this route is used, this adapter is to be used.

from forcediphttpsadapter.

Roadmaster avatar Roadmaster commented on August 14, 2024

Hi,

In the situation for which I wrote this, I have no control over /etc/hosts, so that solution didn't work for me.

The point of this adapter is actually to skip errors due to mismatched hostname/certificate (I have other checks for certificate validity), this is why in this context I don't care about validating the certificate itself.

from forcediphttpsadapter.

sandroden avatar sandroden commented on August 14, 2024

BTW: in your example you use
session.get(uri, ...)
in that context uri is certainly not the path... in my opinion the example is correct, the documentation needs to be fixed

from forcediphttpsadapter.

Related Issues (10)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.