yasoob / practical-python-projects

FIFA Twilio Bot - Security Risk/Warnings With worldcup.sfg.io Website? #29

Closed JRD8 closed 3 years ago

JRD8 commented 3 years ago

Location Within the Book

Hint: Page numbers change all the time. The best way to report an issue is by chapter and section numbers.

Description

FYI. 3 major browsers (Firefox, Chrome, Safari) are all currently returning security risks/warnings when accessing and using worldcup.sfg.io.

Would love to do this project, but believe it will be a security risk on my laptop. Should we be proceeding? Is there a possible workaround/alternate safe site to use that you recommend?

Possible Solutions

Your full name so I can provide accurate credit within the book

James Diener

yasoob commented 3 years ago

Hi @JRD8 it should be perfectly fine to proceed. You will not be inputting any sensitive information on the website. You will just be getting the JSON and printing it on screen. There should not be a security risk because of that in this particular project. :)

JRD8 commented 3 years ago

Yasoob:

Thank you for the quick response.

However, please note that since the website's security certificate has expired, running the .py program from the terminal complains and returns an error/quits.

Not sure if it’s a setting/option on my laptop that I can deactivate, but the default security setting on the laptop (Mac OS X Big Sur 11.2.2) won’t let me (and presumably some other users) proceed.

See screen shot with error returned with just the initial get requests (for example).

yasoob commented 3 years ago

@JRD8 Can you try using http instead of https in the URL and let me know if the problem still persists? This is for the Python code.
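
With `http` in the URL the response is no longer authenticated by TLS, so the JSON can be altered anywhere on the network path and is best handled as untrusted input. The following is an added example, not code from the book or this repository: it validates and sanitizes a response body before anything is printed or passed on. The field names `home_team`, `away_team`, `country` and `goals`, the size limits, and both sample bodies are assumptions constructed for illustration.

```python
import json

MAX_BODY_BYTES = 512 * 1024   # assumed cap, far above a day's match list
MAX_MATCHES = 64              # assumed cap on list length
MAX_NAME_LEN = 40             # assumed cap on a country name


def clean_text(value):
    """Return value if it is a short printable string, else raise ValueError."""
    if not isinstance(value, str) or not 0 < len(value) <= MAX_NAME_LEN:
        raise ValueError("bad text field")
    if not value.isprintable():   # rejects ESC, newlines and other controls
        raise ValueError("control characters in text field")
    return value


def clean_goals(value):
    # bool is a subclass of int, so exclude it explicitly
    if isinstance(value, bool) or not isinstance(value, int) or not 0 <= value <= 99:
        raise ValueError("bad goals field")
    return value


def parse_matches(body: bytes):
    """Validate an unauthenticated response body and return safe summary lines."""
    if len(body) > MAX_BODY_BYTES:
        raise ValueError("response too large")
    data = json.loads(body.decode("utf-8"))   # decode/parse errors are ValueErrors
    if not isinstance(data, list) or len(data) > MAX_MATCHES:
        raise ValueError("expected a bounded JSON list")
    lines = []
    for match in data:
        if not isinstance(match, dict):
            raise ValueError("match is not an object")
        teams = []
        for side in ("home_team", "away_team"):   # assumed field names
            team = match.get(side)
            if not isinstance(team, dict):
                raise ValueError(f"missing {side}")
            teams.append((clean_text(team.get("country")), clean_goals(team.get("goals"))))
        (home, hg), (away, ag) = teams
        lines.append(f"{home} {hg} - {ag} {away}")
    return lines


# Constructed sample body, not captured from the real site.
SAMPLE = b'[{"home_team": {"country": "France", "goals": 4}, "away_team": {"country": "Croatia", "goals": 2}}]'
# Constructed tampered body: a terminal escape sequence hidden in a name.
TAMPERED = b'[{"home_team": {"country": "\\u001b[2JFrance", "goals": 4}, "away_team": {"country": "Croatia", "goals": 2}}]'
```

`parse_matches(SAMPLE)` returns the summary lines, while `parse_matches(TAMPERED)` raises `ValueError` before the escape sequence can reach a terminal or an outgoing message.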

JRD8 commented 3 years ago

That solved it. Works perfectly now. Thank you for the quick response!

Best,

JRD
