curl / Mailing Lists / curl-library / Single Mail

curl-library

Re: Force cURL to use GET on proxy for HTTPs requests

From: Benjamin Morel via curl-library <curl-library_at_cool.haxx.se>
Date: Wed, 6 Dec 2017 00:44:11 +0100

Thank you very much for your thorough reply, Daniel.

There are plenty of people and organizations who insist HTTPS everywhere is
> everywhere from downright evil down to inconvenient and inefficient. And
> yes, there's certainly a price to pay for that level of security.

Again, I perfectly understand the whole point of HTTPS everywhere. It makes
sense as soon as a packet goes over a public network. On private networks,
it becomes arguable (see Is SSL terminated at a load balancer PCI compliant?
<https://security.stackexchange.com/questions/43071/is-ssl-terminated-at-a-load-balancer-pci-compliant>),
and on localhost, I fail to see how it could be a security risk.

I'm all for a well-documented option with strong warnings, I'll see if I
find the time (and have the skills) to implement it.

Cheers,
Benjamin

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2017-12-06

This message: [ Message body ]
Next message: Ray Satiro via curl-library: "Re: Force cURL to use GET on proxy for HTTPs requests"
Previous message: Daniel Stenberg: "Re: Force cURL to use GET on proxy for HTTPs requests"
In reply to: Daniel Stenberg: "Re: Force cURL to use GET on proxy for HTTPs requests"
Next in thread: Ray Satiro via curl-library: "Re: Force cURL to use GET on proxy for HTTPs requests"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]