search

henriqueolliveira / google-api-java-client

Automatically exported from code.google.com/p/google-api-java-client
0 stars 0 forks source link

Validate SSL certificates for App Engine #158

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
External references, such as a standards document, or specification?

http://hueniverse.com/2010/09/oauth-2-0-without-signatures-is-bad-for-the-web/

http://code.google.com/appengine/docs/java/urlfetch/overview.html#Secure_Connect
ions_and_HTTPS

http://code.google.com/appengine/docs/java/javadoc/com/google/appengine/api/urlf
etch/FetchOptions.html#validateCertificate()

Java environments (e.g. Java 6, Android 2.3, App Engine 1.4.2, or All)?

App Engine 1.4.2 & higher

Please describe the feature requested.

On UrlFetchTransport for App Engine, validate SSL certificates to avoid 
man-in-the-middle attacks.

Original issue reported on code.google.com by yan...@google.com on 21 Mar 2011 at 7:20

GoogleCodeExporter commented 9 years ago 
http://codereview.appspot.com/4287066/

Original comment by yan...@google.com on 21 Mar 2011 at 7:27

GoogleCodeExporter commented 9 years ago 
Note that this required us to increase the minimum required App Engine SDK 
version to 1.4.2

Original comment by yan...@google.com on 21 Mar 2011 at 7:32

GoogleCodeExporter commented 9 years ago 
how can I use this patch??

Original comment by eduardo....@gmail.com on 20 Apr 2011 at 8:08