azuisleet
commented
4 years ago How does Steam know to ignore the required HTTPS setting?
Closed AtomicNibble closed 3 years ago
azuisleet
commented
4 years ago How does Steam know to ignore the required HTTPS setting?
AtomicNibble
commented
4 years ago I don't know, but by default it uses HTTP, I suspect it will try HTTP for optional servers then if the content coming back is corrupt it will try HTTPS for the given server.
xPaw
commented
4 years ago Presumably your local cache provides lancache.steamcontent.com, which Steam client natively looks for. You can provide your own server when calling CDNClient methods.
azuisleet
commented
4 years ago For discussion:
There don't appear to be many content servers marked mandatory, and the Steam Client isn't actually using HTTPS when it is supported.
azuisleet
commented
3 years ago I agree with this and this has been resolved in 99ac8e44cb29d7b6f4e66e712e057dfd074006b5.
Currently https is forced for content servers even when optional: https://github.com/SteamRE/SteamKit/blob/51590283f08df89fca056a3839bd07c7712da5e5/SteamKit2/SteamKit2/Steam/WebAPI/ContentServerDirectoryService.cs#L97
It would be better if this was configrable as currently there is no way to use plain http like Steam client dose, so downloads can be pulled from local caching proxies.
Thanks.