You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@thrift.apache.org by "Jens Geyer (Jira)" <ji...@apache.org> on 2020/07/14 19:44:00 UTC
[jira] [Resolved] (THRIFT-5252) Make CreateHttpClientHandler()
method virtual
[ https://issues.apache.org/jira/browse/THRIFT-5252?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jens Geyer resolved THRIFT-5252.
--------------------------------
Fix Version/s: 0.14.0
Resolution: Fixed
> Make CreateHttpClientHandler() method virtual
> ---------------------------------------------
>
> Key: THRIFT-5252
> URL: https://issues.apache.org/jira/browse/THRIFT-5252
> Project: Thrift
> Issue Type: Improvement
> Components: netstd - Library
> Reporter: Jens Geyer
> Assignee: Jens Geyer
> Priority: Major
> Fix For: 0.14.0
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> The CreateHttpClientHandler() factory method of THttpTransport should be virtual instead of static. This allows overriding the method and manipulating the returned handler. Amongst others, one possible use case could be to relax the SSL/TLS validation checks intentionally for some custom purpose, like so:
> {code}
> public class TCustomizedHttpTransport : THttpTransport
> {
> public override HttpClientHandler CreateHttpClientHandler(X509Certificate[] certs = null)
> {
> var handler = base.CreateHttpClientHandler(certificates);
> handler.ServerCertificateCustomValidationCallback = MyCallback;
> return handler;
> }
> private bool MyCallback(object s, X509Certificate crt, X509Chain ch, SslPolicyErrors e)
> {
> var other_errors = e & (~SslPolicyErrors.RemoteCertificateNameMismatch);
> return (SslPolicyErrors.None == other_errors);
> }
> }
> {code}
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)