feat(http): add dangerous settings / disable ssl verification - issue #518 (#2204)

2026-06-06 13:53:54 +02:00 · 2025-01-21 19:23:37 -05:00
parent ce11079f19
commit 105136494c
6 changed files with 62 additions and 2 deletions
@@ -75,6 +75,14 @@ pub struct FetchResponse {
    rid: ResourceId,
 }

+#[derive(Debug, Deserialize)]
+#[serde(rename_all = "camelCase")]
+#[allow(dead_code)] //feature flags shoudln't affect api
+pub struct DangerousSettings {
+    accept_invalid_certs: bool,
+    accept_invalid_hostnames: bool,
+}
+
 #[derive(Debug, Deserialize)]
 #[serde(rename_all = "camelCase")]
 pub struct ClientConfig {
@@ -85,6 +93,7 @@ pub struct ClientConfig {
    connect_timeout: Option<u64>,
    max_redirections: Option<usize>,
    proxy: Option<Proxy>,
+    danger: Option<DangerousSettings>,
 }

 #[derive(Debug, Deserialize)]
@@ -181,6 +190,7 @@ pub async fn fetch<R: Runtime>(
        connect_timeout,
        max_redirections,
        proxy,
+        danger,
    } = client_config;

    let scheme = url.scheme();
@@ -220,6 +230,24 @@ pub async fn fetch<R: Runtime>(
            {
                let mut builder = reqwest::ClientBuilder::new();

+                if let Some(danger_config) = danger {
+                    #[cfg(not(feature = "dangerous-settings"))]
+                    {
+                        #[cfg(debug_assertions)]
+                        {
+                            eprintln!("[\x1b[33mWARNING\x1b[0m] using dangerous settings requires `dangerous-settings` feature flag in your Cargo.toml");
+                        }
+                        let _ = danger_config;
+                        return Err(Error::DangerousSettings);
+                    }
+                    #[cfg(feature = "dangerous-settings")]
+                    {
+                        builder = builder
+                            .danger_accept_invalid_certs(danger_config.accept_invalid_certs)
+                            .danger_accept_invalid_hostnames(danger_config.accept_invalid_hostnames)
+                    }
+                }
+
                if let Some(timeout) = connect_timeout {
                    builder = builder.connect_timeout(Duration::from_millis(timeout));
                }
@@ -41,6 +41,8 @@ pub enum Error {
    Tauri(#[from] tauri::Error),
    #[error(transparent)]
    Utf8(#[from] std::string::FromUtf8Error),
+    #[error("dangerous settings used but are not enabled")]
+    DangerousSettings,
 }

 impl Serialize for Error {