search

palazzem / econnect-python

API adapter used to control programmatically an Elmo alarm system
BSD 3-Clause "New" or "Revised" License
8 stars 5 forks source link

Introduce a safer API #58

Closed palazzem closed 3 years ago

palazzem commented 3 years ago

Overview

In the current state, it's possible to use an HTTP endpoint without any improved security. While this is a use case that needs to be supported, it must not be easy to use it because in most of the cases it will be a mistake using an HTTP endpoint. This issue is proposing to introduce a check that raises an exception if an HTTP endpoint is used:

ElmoClient("http://example.com", "vendor")                 # Raises an exception
ElmoClient("https://example.com", "vendor")                # Is accepted
ElmoClient("http://example.com", "vendor", insecure=True)  # Is accepted
palazzem commented 3 years ago

Adding https://github.com/palazzem/pysettings to validate the HTTPS URL.