mirror of
https://github.com/aclindsa/ofxgo.git
synced 2024-12-25 22:43:21 -05:00
Check HTTPS is always used
This commit is contained in:
parent
62f0ae600b
commit
47f1b82c0b
@ -4,6 +4,7 @@ import (
|
||||
"errors"
|
||||
"io"
|
||||
"net/http"
|
||||
"strings"
|
||||
)
|
||||
|
||||
type Client struct {
|
||||
@ -62,6 +63,10 @@ func (c *Client) IndentRequests() bool {
|
||||
// read from 'r'. The caller is responsible for closing the http Response.Body
|
||||
// (see the http module's documentation for more information)
|
||||
func RawRequest(URL string, r io.Reader) (*http.Response, error) {
|
||||
if !strings.HasPrefix(URL, "https://") {
|
||||
return nil, errors.New("Refusing to send OFX request with possible plain-text password over non-https protocol")
|
||||
}
|
||||
|
||||
response, err := http.Post(URL, "application/x-ofx", r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
Loading…
Reference in New Issue
Block a user