allow to skip cert validation for internal test situations #565
Conversation
src/config.rs
Outdated
| @@ -195,6 +195,9 @@ pub struct GooseConfiguration { | |||
| /// Follows base_url redirect with subsequent requests | |||
| #[options(no_short)] | |||
| pub sticky_follow: bool, | |||
| /// Allows to test internally when https validation is not required | |||
There was a problem hiding this comment.
How about documenting this as:
Disables validation of https certificates
We can better document in the goose book (and it can happen in a followup PR).
src/config.rs
Outdated
| @@ -332,6 +335,8 @@ pub(crate) struct GooseDefaults { | |||
| pub websocket_host: Option<String>, | |||
| /// An optional default for port WebSocket Controller listens on. | |||
| pub websocket_port: Option<u16>, | |||
| /// Allow for internal testing when no certificates are available but still using https | |||
There was a problem hiding this comment.
Please use the same format as the above:
An optional default for not validating https certificates.
| @@ -2318,6 +2318,7 @@ pub(crate) fn create_reqwest_client( | |||
| .timeout(Duration::from_millis(timeout)) | |||
| // Enable gzip unless `--no-gzip` flag is enabled. | |||
| .gzip(!configuration.no_gzip) | |||
| .danger_accept_invalid_certs(configuration.accept_invalid_certs) | |||
There was a problem hiding this comment.
Please include a comment, for example:
// Validate https certificates unless --accept_invalid_certs is enabled.
There was a problem hiding this comment.
Whoops, sorry, I think that's actually --accept-invalid-certs -- can you test and confirm, and fix if necessary?
|
Changed the comments |
| @@ -2318,6 +2318,7 @@ pub(crate) fn create_reqwest_client( | |||
| .timeout(Duration::from_millis(timeout)) | |||
| // Enable gzip unless `--no-gzip` flag is enabled. | |||
| .gzip(!configuration.no_gzip) | |||
| .danger_accept_invalid_certs(configuration.accept_invalid_certs) | |||
There was a problem hiding this comment.
Whoops, sorry, I think that's actually --accept-invalid-certs -- can you test and confirm, and fix if necessary?
|
Ok, changed |
| @@ -2318,6 +2318,7 @@ pub(crate) fn create_reqwest_client( | |||
| .timeout(Duration::from_millis(timeout)) | |||
| // Enable gzip unless `--no-gzip` flag is enabled. | |||
| .gzip(!configuration.no_gzip) | |||
| .danger_accept_invalid_certs(configuration.accept_invalid_certs) | |||
Adding the possibility to setup Reqwest client with ignore certificate mode.
This feature is used in cases https is used for non terminated proxies, but when testing internal infrastructure setups eg. when self signed or dev certificates are being used.
This is what I currently need to be able to use goose in the setup I have to load test.