Google Git
Sign in
go / gddo / 376e728d96efee0251a9979306cc371ff6cb4600
commit376e728d96efee0251a9979306cc371ff6cb4600[log] [tgz]
authorRoss Light <light@google.com>Mon Oct 09 10:52:51 2017 -0700
committerRoss Light <light@google.com>Mon Oct 09 20:27:33 2017 +0000
tree93be0418f09003be1905e28c7e65a0706ed07800
parent1e2b1a1a6d3c94c05649b18c231b6959046f69b0 [diff]
httputil: only send client authorization over HTTPS

Might just be a hypothetical concern, but better for this to fail closed
(not send credentials when needed) than to fail open (send credentials
insecurely).

Change-Id: I8542e8c0b533a3c5f53a5f03f4e3b639b6b55f71
Reviewed-on: https://go-review.googlesource.com/69290
Reviewed-by: Tuo Shan <shantuo@google.com>
2 files changed
tree: 93be0418f09003be1905e28c7e65a0706ed07800
  1. database/
  2. deploy/
  3. doc/
  4. gae-service-proxy/
  5. gddo-admin/
  6. gddo-server/
  7. Godeps/
  8. gosrc/
  9. httputil/
  10. lintapp/
  11. log/
  12. talksapp/
  13. vendor/
  14. .travis.yml
  15. CONTRIBUTING.md
  16. Dockerfile
  17. LICENSE
  18. README.markdown