Add support for rejectUnauthorized flag

SamDecrock / node-http-ntlm

Node.js module to authenticate using HTTP NTLM

MIT License

192 stars 89 forks source link

Add support for rejectUnauthorized flag #67

Closed foch closed 1 year ago

foch commented 7 years ago

Purpose of this PR is to add the possibility to target in HTTPS a server with an "invalid" certificate, i.e. not recognized by a well-known authority, but for instance self-signed. This is useful in a corporate environment, where our SharePoint (using NTLM) has a certificate signed by the company root certificate.

It's the equivalent of the --insecure flag of curl, hence the name of the new flag, secure. Of course, I left secure as default!

It will provide a solution for issue #64

phgnx commented 7 years ago

I need this fix aswell

SamDecrock commented 6 years ago

Cant you just pass in "rejectUnauthorized" using the regular options object:

httpntlm.get({
    url: "https://someurl.com",
    username: 'm$',
    password: 'stinks',
    workstation: 'choose.something',
    domain: '',
    rejectUnauthorized: true
}, function (err, res){
    if(err) return err;

    console.log(res.headers);
    console.log(res.body);
});

traveling-developer commented 6 years ago

For me setting the "rejectUnauthorized" flag to false helped:

httpntlm.get({
    url: "https://someurl.com",
    username: 'm$',
    password: 'stinks',
    workstation: 'choose.something',
    domain: '',
    rejectUnauthorized: false
}, function (err, res){
    if(err) return err;

    console.log(res.headers);
    console.log(res.body);
});

SamDecrock commented 1 year ago

Closing PR without merging passing the rejectUnauthorized headers just works.