hoppscotch / proxyscotch

📡 A simple proxy server created for https://hoppscotch.io
https://hoppscotch.io
MIT License
360 stars 93 forks source link

Investigate self-signed HTTPS #78

Open SamJakob opened 12 months ago

SamJakob commented 12 months ago

It would seem (according to an email report) that upstream self-signed certificates do not work, this needs to be checked.

Then, we need to figure out whether self-signed or invalid certificates should be allowed by default. I don’t see a security risk from doing that but it might make debugging harder or more confusing because we would bypass those issues.

I’m thinking the best option is to add it behind a flag.

r-brown commented 7 months ago

I'd support adding an additional configuration option to allow self-signed certs.

ispy1 commented 7 months ago

I skipped checking the certificate where the code creates http.client and it works fine now

    tr := &http.Transport{
        TLSClientConfig: &tls.Config{
            InsecureSkipVerify: true,
        },
    }

    // 创建一个基于自定义Transport的HTTP客户端
    client := &http.Client{
        Transport: tr,
    }
seungick commented 7 months ago

I created a patch file for the issue. The approach is same with @ispy1. :) you can refer below link.

https://github.com/hoppscotch/hoppscotch/issues/882#issuecomment-2029625033