search

Waboodoo / HTTP-Shortcuts

Android app to create home screen shortcuts that trigger arbitrary HTTP requests
https://http-shortcuts.rmy.ch
MIT License
1.17k stars 113 forks source link

Feature request: allow server certificate pinning #335

Closed cpainchaud closed 1 year ago

cpainchaud commented 1 year ago

Is your feature request related to a problem? Please describe. When dealing with sensitive informations, you want to make sure that server is presenting a certificate with a specific fingerprint and/or signed with a specific CA so you know that no one currently spying on your connection.

Describe the solution you'd like An option to provide server's vert fingerprint or a CA file that would be used to validate said CA and only this one is validated

Describe alternatives you've considered M

Additional context

Waboodoo commented 1 year ago

Thanks for the suggestion. I will consider adding this in the near future, as it seems rather straightforward to add, thanks to OkHttp's built-in support.

I'm imaging having a section in the settings where one or more domain patterns can be added, together with a SHA-1 or SHA-256 hash of the server's certificate.

Waboodoo commented 1 year ago

This feature is now available, as part of the 3.0.0 release.