Hakky54 commented on issue #194: Switched to TLSv1.2 as default protocol if none provided URL: https://github.com/apache/httpcomponents-core/pull/194#issuecomment-602188961 @ok2c Good that you mentioned that part. So Apache was already excluding weak protocols by default, that's awesome. I missed that part, sorry my bad. I see indeed this code: ``` public static String[] excludeWeak(final String... protocols) { if (protocols == null) { return null; } final List<String> enabledProtocols = new ArrayList<>(); for (final String protocol: protocols) { if (!protocol.startsWith("SSL") && !protocol.equals(V_1_0.id) && !protocol.equals(V_1_1.id)) { enabledProtocols.add(protocol); } } if (enabledProtocols.isEmpty()) { enabledProtocols.add(V_1_2.id); } return enabledProtocols.toArray(new String[0]); } ``` That would make this pull request not needed I guess
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
