Post command help
Thierry Douez
th.douez at gmail.com
Mon Jun 24 12:22:56 EDT 2013
Thanks Mark.
In the meantime, I found this one for more security:
http://forums.runrev.com/viewtopic.php?f=11&t=6995&p=31804&hilit=https#p31804
Regards,
Thierry
2013/6/24 Mark Wilcox <m_p_wilcox at yahoo.co.uk>
>
>
> >> Another suggestion would be setting the property
> libUrlSetSSLVerification
> >> to false
> >> as this may also resolve the issue..
>
> > Another question: does setting libUrlSetSSLVerification to false mean
> security is turned off completely, or only that the certificate isn't
> checked?
>
> Not doing SSL Certificate Verification means that the certificate isn't
> checked, the content is still sent encrypted. Whether this matters depends
> on the setup - if you control both the client and server ends then it's not
> such a big deal, although technically it does leave you vulnerable to
> man-in-the-middle attacks. You still have the option of bundling a
> collection of root certificates with your app (and you can find up to date
> collections online freely) but that will mean the certificates will not be
> updated unless your app is, so overtime they will go out of date. If
> you're only connecting to your own server that's not much of a problem
> either - you need to give everyone an update of the app when a certificate
> in your one certificate chain expires but that's all. Keeping a general
> set of certificates for the open web up to date is another matter entirely.
>
> Mark
>
------------------------------------------------
Thierry Douez - http://sunny-tdz.com
Maker of sunnYperl - sunnYmidi - sunnYmage
More information about the use-livecode
mailing list