curl / Mailing Lists / curl-library / Single Mail

curl-library

Change doc for --insecure to say it doesn't apply to HTTPS-proxy?

From: Ray Satiro via curl-library <curl-library_at_cool.haxx.se>
Date: Mon, 6 Mar 2017 00:14:29 -0500

--insecure [1] is documented as making all connections insecure:

'This option explicitly allows curl to perform "insecure" SSL
connections and transfers. All SSL connections are attempted to be made
secure by using the CA certificate bundle installed by default. This
makes all connections considered "insecure" fail unless -k, --insecure
is used.'

Since the HTTPS proxy changes that is no longer true. HTTPS-proxy
connections would need --proxy-insecure [2]. I wonder if the
documentation should be changed, for example:

'This option explicitly allows curl to perform "insecure" SSL
connections and transfers. All SSL connections are attempted to be made
secure by using the CA certificate bundle installed by default. This
makes all connections (except HTTPS-proxy) considered "insecure" fail
unless -k, --insecure is used.

To make HTTPS-proxy connections insecure use --proxy-insecure.'

However I also wonder if this would confuse most users. I can imagine
someone reading that and misinterpreting it as HTTPS URL over proxy or
not understand that it can be combined with --proxy-insecure.

Thoughts?

[1]: https://curl.haxx.se/docs/manpage.html#-k
[2]: https://curl.haxx.se/docs/manpage.html#--proxy-insecure

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2017-03-06