Home Explore Help
Sign In
Godot
/
godot
mirror of https://github.com/godotengine/godot.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Docs: Add warnings about no SSL/(D)TLS revocation

(cherry picked from commit 4eb427afb8ef22631ccf261362c1bb49776b987b)
Max Hilbrunner 4 years ago
parent
34f7ceefe0
commit
235fec4316
3 changed files with 3 additions and 2 deletions
Split View Show Diff Stats
  1. 1 0
      doc/classes/HTTPClient.xml
  2. 1 2
      doc/classes/HTTPRequest.xml
  3. 1 0
      doc/classes/PacketPeerDTLS.xml

+ 1 - 0
doc/classes/HTTPClient.xml
View File 

@@ -10,6 +10,7 @@
 
 		For more information on HTTP, see https://developer.mozilla.org/en-US/docs/Web/HTTP (or read RFC 2616 to get it straight from the source: https://tools.ietf.org/html/rfc2616).
 
 		[b]Note:[/b] When performing HTTP requests from a project exported to HTML5, keep in mind the remote server may not allow requests from foreign origins due to [url=https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS]CORS[/url]. If you host the server in question, you should modify its backend to allow requests from foreign origins by adding the [code]Access-Control-Allow-Origin: *[/code] HTTP header.
 
 		[b]Note:[/b] SSL/TLS support is currently limited to TLS 1.0, TLS 1.1, and TLS 1.2. Attempting to connect to a TLS 1.3-only server will return an error.
 
+		[b]Warning:[/b] SSL/TLS certificate revocation and certificate pinning are currently not supported. Revoked certificates are accepted as long as they are otherwise valid. If this is a concern, you may want to use automatically managed certificates with a short validity period.
 
 	</description>
 
 	<tutorials>
 
 		<link>https://docs.godotengine.org/en/3.3/tutorials/networking/http_client_class.html</link>

+ 1 - 2
doc/classes/HTTPRequest.xml
View File 

@@ -6,6 +6,7 @@
 
 	<description>
 
 		A node with the ability to send HTTP requests. Uses [HTTPClient] internally.
 
 		Can be used to make HTTP requests, i.e. download or upload files or web content via HTTP.
 
+		[b]Warning:[/b] See the notes and warnings on [HTTPClient] for limitations, especially regarding SSL security.
 
 		[b]Example of contacting a REST API and printing one of its returned fields:[/b]
 
 		[codeblock]
 
 		func _ready():
 
@@ -68,8 +69,6 @@
 
 		HttpRequest will automatically handle decompression of response bodies.
 
 		A "Accept-Encoding" header will be automatically added to each of your requests, unless one is already specified.
 
 		Any response with a "Content-Encoding: gzip" header will automatically be decompressed and delivered to you as a uncompressed bytes.
 
-		[b]Note:[/b] When performing HTTP requests from a project exported to HTML5, keep in mind the remote server may not allow requests from foreign origins due to [url=https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS]CORS[/url]. If you host the server in question, you should modify its backend to allow requests from foreign origins by adding the [code]Access-Control-Allow-Origin: *[/code] HTTP header.
 
-		[b]Note:[/b] SSL/TLS support is currently limited to TLS 1.0, TLS 1.1, and TLS 1.2. Attempting to connect to a TLS 1.3-only server will return an error.
 
 	</description>
 
 	<tutorials>
 
 		<link>https://docs.godotengine.org/en/3.3/tutorials/networking/http_request_class.html</link>

+ 1 - 0
doc/classes/PacketPeerDTLS.xml
View File 

@@ -5,6 +5,7 @@
 
 	</brief_description>
 
 	<description>
 
 		This class represents a DTLS peer connection. It can be used to connect to a DTLS server, and is returned by [method DTLSServer.take_connection].
 
+		[b]Warning:[/b] SSL/TLS certificate revocation and certificate pinning are currently not supported. Revoked certificates are accepted as long as they are otherwise valid. If this is a concern, you may want to use automatically managed certificates with a short validity period.
 
 	</description>
 
 	<tutorials>
 
 	</tutorials>