Drive has always worked with both HTTP and HTTPS, but HTTP is a serious security flaw as everything transits in clear (especially tokens...).
A workaround has been added with NXDRIVE-1647, and it is effectively a bad decision as:
- it will change the server URL without asking the user
- it introduces such errors
So the proposition is to make Drive work with HTTPS only, as it is already the case with the mobile application.
This is a breaking change as it will force users to have an HTTPS server, but on production, this must already be the case.
- It will enforce the idea that Drive is secure to use.
- It will help catch bad server deployments, forcing sysadmins to do the right things to only allow HTTPS and stop using bad HTTP -> HTTPS redirections for instance.
Work to implement:
- When one enters a server URL, print a red error if it is not HTTPS.
- When automatically checking for the server URL, using the guess_server_url() function, drop HTTP URLs.
- For developers and users who still want to use an insecure URL, a whitelist option containing domains to ignore can be used. This list will contain, by default: localhost and 127.0.0.1.
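
A sketch of the check the three work items describe, as an added example rather than Nuxeo Drive's own code. The function and constant names are hypothetical and the hostnames are constructed; only the default whitelist entries come from the ticket.

```python
from urllib.parse import urlsplit

# Default exemptions named in the ticket; the constant name is hypothetical.
DEFAULT_INSECURE_WHITELIST = frozenset({"localhost", "127.0.0.1"})


def is_url_allowed(url, whitelist=DEFAULT_INSECURE_WHITELIST):
    """Return True for HTTPS URLs, or HTTP URLs whose host is whitelisted."""
    try:
        parts = urlsplit(url.strip())
        # .hostname ignores userinfo and port, and is already lowercased.
        host = parts.hostname or ""
    except ValueError:
        return False  # malformed URL, e.g. an unbalanced IPv6 bracket
    if not host:
        return False
    if parts.scheme == "https":
        return True
    # Exact host match only: "localhost.example.org" must not pass as "localhost".
    return parts.scheme == "http" and host in {h.lower() for h in whitelist}


def candidate_server_urls(user_input, whitelist=DEFAULT_INSECURE_WHITELIST):
    """Build candidate URLs for a typed address, dropping insecure ones."""
    text = user_input.strip().rstrip("/")
    if "://" in text:
        candidates = [text]
    else:
        # No scheme typed: try HTTPS first; HTTP survives only if whitelisted.
        candidates = [f"https://{text}", f"http://{text}"]
    return [u for u in candidates if is_url_allowed(u, whitelist)]


if __name__ == "__main__":
    # Constructed inputs: a production host, a local dev host, a userinfo trick.
    for typed in ("nuxeo.example.org/nuxeo", "localhost:8080/nuxeo",
                  "http://localhost@nuxeo.example.org/"):
        print(typed, "->", candidate_server_urls(typed) or "rejected (not HTTPS)")
```

Matching on the parsed hostname rather than on a substring of the URL is what keeps a whitelist entry from being satisfied by userinfo or by a look-alike subdomain.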