Add option to disable ssl certificate verify.

[partic2]

Sometime I need "fetch" from https website without valid certificate. In which case I want to disable ssl certificate verifiy.

Maybe add

  curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
  curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);

will work. But how to tell txiki.js when to do this?

BTW, We can disable ssl certificate verify on node.js, By set environment variable NODE_TLS_REJECT_UNAUTHORIZED=0.

[bnoordhuis]

We can disable ssl certificate verify on node.js, By set environment variable NODE_TLS_REJECT_UNAUTHORIZED=0

I added that environment variable to node back in the day and I deeply regret it. The internet is filled with terrible advice regarding that setting. "Wotsa 'certificate error'? Herp derp, disable" :facepalm:

[lal12]

We can disable ssl certificate verify on node.js, By set environment variable NODE_TLS_REJECT_UNAUTHORIZED=0

I added that environment variable to node back in the day and I deeply regret it. The internet is filled with terrible advice regarding that setting. "Wotsa 'certificate error'? Herp derp, disable" 🤦

Agree. I also would prefer an individual per request option.

[guest271314]

@bnoordhuis

I added that environment variable to node back in the day and I deeply regret it. The internet is filled with terrible advice regarding that setting.

That environmental variable is very helpful for local testing. Chromium has a similar flag --ignore-certificate-errors-spki-list=....

[saghul]

A custom option to fetch would be acceptable I'd say.