[wp-trac] Re: [WordPress Trac] #8702: HTTP API Updates
WordPress Trac
wp-trac at lists.automattic.com
Tue Jan 27 21:47:48 GMT 2009
#8702: HTTP API Updates
-------------------------------------+--------------------------------------
Reporter: sivel | Owner: westi
Type: enhancement | Status: assigned
Priority: normal | Milestone: 2.8
Component: HTTP | Version: 2.7
Severity: normal | Resolution:
Keywords: has-patch needs-testing |
-------------------------------------+--------------------------------------
Comment (by westi):
Replying to [comment:12 sivel]:
> Okay...here is the new version of this patch.
>
> Changes:
>
> * Added blacklisting of transports if url is https
> * Added filter https_local_ssl_verify (used in spawn_cron) so that
users can override ssl verification for their site if using an untrusted
ssl cert. This insures that cron can still work on an untrusted ssl cert
without removing ssl verification for external urls.
> * Added filter https_ssl_verify so that users can override ssl
verification for all https calls
> * Added new default argument 'sslverify' which defaults to true
>
> I have not done much testing on this so any help testing would be
appreciated.
>
> This patch fits into the current trunk revision 10446.
Thank you for the updated patch.
As I have said before I much prefer to be secure out of the box but give
people the flexibility to go unsecure if they want.
It is good to see an easy option to enable cron to work with a unsigned
cert to allow people to self-cert to get https while still having a safe
route to getting SSl working.
It would be good to see some testing on this and get it into trunk.
--
Ticket URL: <http://trac.wordpress.org/ticket/8702#comment:13>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list