cleartext traffic #107
Comments
|
That might a mistake while I was upgrading Gradle, didn't even knew that such thing exists.
I will offer an update so fast I can. |
DerGoogler
added
bug
Ah, OK. I thought the intention might have been to support "local repos" (for hosting one's preferred modules within the own home network, where https might be a bit overkill and getting a proper certificate even difficult), in which case it would totally make sense.
No stress, the "alert" will only pop up again when a new release is being pulled. And it's just a warning. Sure, if it's not needed it shouldn't be there – but before removing it better be sure it is not needed. I don't think (m)any people will host any repositories locally, though, so removing could be fine. Leaving the decision to you. I just need to know if I should add that flag to your app's allow-list (if it's needed) or not (otherwise, so we get another warning should it "sneak back in"). |
"Local repos" are just the saved repo data. [
{
"name": "Magisk Modules Alt Repo",
"website": "https://github.com/Magisk-Modules-Alt-Repo",
"support": "https://github.com/Magisk-Modules-Alt-Repo/json/issues",
"donate": null,
"submitModule": null,
"last_update": 1690995729000,
"modules": "https://gr.dergoogler.com/magisk/mmar.json"
}
] |
I thought of that in a different way, like: [
{
"name": "My personal Repo",
"website": "http://192.168.1.15/magisk",
"support": null,
"donate": null,
"submitModule": null,
"last_update": 1690995729000,
"modules": "http://192.168.1.15/magisk.json"
}
]But as already mentioned, that would be a rare edge-case. And you decided already – so yes, better security that way, thanks! |
My scanner just got its hands on today's update and reported:
This is just a warning (the update was still published), but could you please let me know why you've set that flag? By default, it's turned off, so you'll have had a reason for enabling that. Thanks in advance!
The text was updated successfully, but these errors were encountered: