aclindsa/ofxgo
1
0
Fork 0
mirror of https://github.com/aclindsa/ofxgo.git synced 2024-11-21 19:20:05 -05:00
Code Issues Releases Wiki Activity

Check HTTPS is always used

Browse Source
This commit is contained in:
Aaron Lindsay 2017-04-01 21:33:56 -04:00
parent 62f0ae600b
commit 47f1b82c0b
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
client.go
View File

@ -4,6 +4,7 @@ import (
"errors" "errors"
"io" "io"
"net/http" "net/http"
"strings"
) )
type Client struct { type Client struct {
@ -62,6 +63,10 @@ func (c *Client) IndentRequests() bool {
// read from 'r'. The caller is responsible for closing the http Response.Body // read from 'r'. The caller is responsible for closing the http Response.Body
// (see the http module's documentation for more information) // (see the http module's documentation for more information)
func RawRequest(URL string, r io.Reader) (*http.Response, error) { func RawRequest(URL string, r io.Reader) (*http.Response, error) {
if !strings.HasPrefix(URL, "https://") {
return nil, errors.New("Refusing to send OFX request with possible plain-text password over non-https protocol")
}
response, err := http.Post(URL, "application/x-ofx", r) response, err := http.Post(URL, "application/x-ofx", r)
if err != nil { if err != nil {
return nil, err return nil, err