Discourage disabling verifying peers for the connections

richsage / RMSPushNotificationsBundle

NOT MAINTAINED! ⛔️ Push notifications/messages for mobile devices. Supports iOS, Android (C2DM, GCM), Blackberry and Windows Mobile (toast only). A Symfony2 bundle.

MIT License

321 stars 152 forks source link

Discourage disabling verifying peers for the connections #24

Open davedevelopment opened 11 years ago

davedevelopment commented 11 years ago

I think this should be discouraged and configurable.

https://github.com/richsage/RMSPushNotificationsBundle/blob/master/Service/OS/AndroidNotification.php#L75

Ideally it would be configurable by injecting a buzz browser, or even better an interface I can use with any other http client.

richsage commented 11 years ago

Yep, injection of the browser would definitely be a better option than the existing implementation. I can't remember what issues I had with the disabling of the verification to be perfectly honest...

davedevelopment commented 11 years ago

Well, I imagine a lot of shared hosts don't allow people to update the php ini, which is where you can set the root certificate things (I forget the details), if whatever you're trying to connect to can be deemed trusted.