Learn More
Resend Email
13
CozyPlanes
7y

API Documentation: All API request should be made over https connections.

Me: Ok, (sees url bar), SECURE, good!

(sees curl code)

curl -X GET 'http://shittyapi.com/api/v2/users'

Me: (gasps) huh?

(heads to http://shittyapi.com/api/v2)

Me: Ok, (sees address bar) NOT SECURE

.
.
.
.
.

(long silence)

undefined

irony

encryption

api

silence

https
Favorite
Ranter
Comments
  • 2
    7y
    Unpopular opinion: http is fine for get requests
  • 1
    7y
    @sharktits @teganburns

    It returns NGINX BAD REQUEST because https is required, and THEY THEMSELVES use only http for the API. WTF??
  • 1
    7y
    Um...
  • 2
    7y
    @sharktits depends on the content and whether there is a cookie for this site.
    But in the age of letsencrypt https should be mandatory.
  • 2
    7y
    @sharktits thats literally saying "because you use this protocol, the data should not be encrypted." the only factor in deciding if data should be encrypted is the data itself, and if it's necessary to be encrypted.
Related Rants
devRant © 2021 Hexical Labs LLC
Privacy Policy  |  Terms of Service
Add Comment