Skip to content

Sub Issue 1: Security hardening - SSL bypass, HttpClient pooling, HTTP auth abstraction #308

Closed
#313
Closed
Sub Issue 1: Security hardening - SSL bypass, HttpClient pooling, HTTP auth abstraction#308
#313
@JusterZhu

Description

@JusterZhu
JusterZhu
opened on May 23, 2026

Scope

\VersionService, \DownloadManager, \Environments\ + HTTP auth layer

Changes

  1. Fix SSL bypass: Remove \CheckValidationResult\ returning always \ rue, replace with standard cert validation + \ISslValidationPolicy\ interface
  2. HttpClient pooling: Use \IHttpClientFactory\ instead of
    ew HttpClient()\ every request
  3. Optional certificate pinning support
  4. \IHttpAuthProvider\ abstraction: Bearer Token / API Key / HMAC-SHA256 pluggable auth

Closes: This is Sub Issue 1 of the GeneralUpdate v2 refactor plan.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions