Post command help

Thierry Douez th.douez at gmail.com
Mon Jun 24 18:22:56 CEST 2013


Thanks Mark.

In the meantime, I found this one for more security:

http://forums.runrev.com/viewtopic.php?f=11&t=6995&p=31804&hilit=https#p31804

Regards,

Thierry


2013/6/24 Mark Wilcox <m_p_wilcox at yahoo.co.uk>

>
>
> >> Another suggestion would be setting the property
> libUrlSetSSLVerification
> >> to false
> >> as this may also resolve the issue..
>
> > Another question: does setting libUrlSetSSLVerification to false mean
> security is turned off completely, or only that the certificate isn't
> checked?
>
> Not doing SSL Certificate Verification means that the certificate isn't
> checked, the content is still sent encrypted.  Whether this matters depends
> on the setup - if you control both the client and server ends then it's not
> such a big deal, although technically it does leave you vulnerable to
> man-in-the-middle attacks.  You still have the option of bundling a
> collection of root certificates with your app (and you can find up to date
> collections online freely) but that will mean the certificates will not be
> updated unless your app is, so overtime they will go out of date.  If
> you're only connecting to your own server that's not much of a problem
> either - you need to give everyone an update of the app when a certificate
> in your one certificate chain expires but that's all.  Keeping a general
> set of certificates for the open web up to date is another matter entirely.
>
> Mark
>


------------------------------------------------
Thierry Douez - http://sunny-tdz.com
Maker of sunnYperl - sunnYmidi - sunnYmage


More information about the use-livecode mailing list