search

CircleOfNice / CiRestClientBundle

Mapper for PHP internal curl library
GNU General Public License v3.0
57 stars 20 forks source link

CURLOPT_SSL_VERIFYPEER cannot be overrided #26

Closed korbav closed 8 years ago

korbav commented 8 years ago

As CURLOPT_SSL_VERIFYPEER is set in the setUrl method and as the setUrl method is called after binding options to the curlOptionsHandler, it's not possible to override the CURLOPT_SSL_VERIFYPEER parameter, this should be at least mentioned in the documentation but it would be better if it could be possible because one could trust an https API without having any valid certificate for it, this is actually the purpose of the CURLOPT_SSL_VERIFYPEER option. 

public function sendRequest($url, $method, array $options = array(), $payload = '') {
   ....
   $this->curlOptionsHandler->setOptions($options);
   ....
   $this->setUrl($url); //Force CURLOPT_SSL_VERIFYPEER depending on http/https protocol in url
  ....
}
TobiasHauck commented 8 years ago

You are totally right. The CURLOPT_SSL_VERIFYPEER should not be set in the setUrl method as this has nothing to do with its purpose. This option should be a default configuration option, so that you are able to change it.

Can you please open a PR with these changes?

Thanks a lot!

korbav commented 8 years ago

For sure, PR is submitted