godotengine/godot
1
0
Fork 0
mirror of https://github.com/godotengine/godot.git synced 2026-01-05 06:11:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Docs: Add warnings about no SSL/(D)TLS revocation

Browse Source 
(cherry picked from commit 4eb427afb8)
This commit is contained in:
Max Hilbrunner
2021-08-11 15:49:58 +02:00
committed by Rémi Verschelde
parent 0c6b5bdfeb
commit 8c20e03150
3 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
doc/classes/HTTPClient.xml
View File

@@ -10,6 +10,7 @@
For more information on HTTP, see https://developer.mozilla.org/en-US/docs/Web/HTTP (or read RFC 2616 to get it straight from the source: https://tools.ietf.org/html/rfc2616).
[b]Note:[/b] When performing HTTP requests from a project exported to HTML5, keep in mind the remote server may not allow requests from foreign origins due to [url=https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS]CORS[/url]. If you host the server in question, you should modify its backend to allow requests from foreign origins by adding the [code]Access-Control-Allow-Origin: *[/code] HTTP header.
[b]Note:[/b] SSL/TLS support is currently limited to TLS 1.0, TLS 1.1, and TLS 1.2. Attempting to connect to a TLS 1.3-only server will return an error.
[b]Warning:[/b] SSL/TLS certificate revocation and certificate pinning are currently not supported. Revoked certificates are accepted as long as they are otherwise valid. If this is a concern, you may want to use automatically managed certificates with a short validity period.
</description>
<tutorials>
<link>https://docs.godotengine.org/en/3.3/tutorials/networking/http_client_class.html</link>