search

microsoft / libHttpClient

libHttpClient provides a platform abstraction layer for HTTP and WebSocket, and is designed for use by the Microsoft Xbox Live Service API (XSAPI) [https://github.com/Microsoft/xbox-live-api] and game devs. If you want to contribute to the project, please talk to us to avoid overlap.
MIT License
277 stars 127 forks source link

There should be a version of HCHttpCallRequestSetSSLValidation for web sockets #679

Open StephenE opened 2 years ago

StephenE commented 2 years ago

I am adding support for Web Sockets to our title, and have been testing my work with a very simple locally run echo server. Everything works fine when testing over http, but switching to https fails as I am just using a self signed certificate for local testing.

For making HTTP calls, I call HCHttpCallRequestSetSSLValidation to skip the ssl validation, but there is no equivilent for web sockets. I found HCWebSocketSetProxyDecryptsHttps, and using a debugger to skip the empty proxy check was able to get a connection open over https with the ssl check bypassed. This is not sustainable in the long term, as I can't expect other developers to stick a breakpoint in a random bit of code and set a random variable to true.

Please consider adding a new function along the lines of HCWebSocketSetSSLValidation, which when called disables the SSL validation step.

jplafonta commented 2 years ago

Thanks for the feedback. We will open a work item for this and hopefully get that work scheduled soon. Will leave this github issue open for the time being and reply here with progress.

stonstad commented 1 year ago

Has this issue been resolved?

StephenEdmondsPG commented 10 months ago

I ran into this issue myself today, same repo - using a self signed certificate, not able to skip the SSL validation checks