Throw upon cleartext HTTP queries #1181
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
3 tasks
fynngodau
force-pushed
the
refuse-http-queries
branch
from
8496f46
to
ec019d3
Compare
|
Nicely, the tests fail because #1177 is not merged. 🙂 |
fynngodau
force-pushed
the
refuse-http-queries
branch
from
ec019d3
to
bff7518
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
NewPipe presently does not have a network policy (see manifest), hence from Android 9 onwards, it is not ever possible for it to make cleartext HTTP queries. Thus as of now, to avoid errors, the extractor must make sure that all queries it sends are encrypted HTTPS queries.
I propose explicitly forcing the extractor itself to refuse HTTP queries. This extends the guarantee that no HTTPS queries are made towards all other downstreams as well, and allows testing for bugs related to missing HTTPS queries from within the extractor's tests. TeamNewPipe/NewPipe#11074 is such a bug that could have been caught through tests.
The alternative would be to transparently upgrade queries to HTTPS from within the
Downloaderclass. However, I would prefer if extractors ensured that they never send HTTPS queries in the first place.