Quote:
Originally Posted by vlad59
@exachillus
I understand your thoughts about security. Unfortunately the standard may have to be modified and the clients have to be updated .... If you add that many OPDS client only support a small part of the official spec, you end up with a hard problem. I remember exchanging some mails with Hadrien Gardeur (author of OPDS specs) about 2 years ago and we agreed that HTTP Basic Auth over HTTPS was a good compromise (I didn't say it all good) and all other solutions will be harder to be adopted. I'll try to find the thread.
Last time I checked most Android OPDS client will not work at all with self signed SSL certficate and some won't work at all with HTTPS.
About your problem with some Android browsers, it may be linked to this bug :
https://code.google.com/p/android/issues/detail?id=1353
It was fixed not so long ago and maybe it's related.
No real answers  sorry. But as you said, you can always use a VPN. |
vlad59
Thanks for your thoughts. It is all fine. I was trying to see if there were work arounds. And I realize the hardships around developing software. I appreciate the work you put here.
As far as security goes, most people might not recognize that is an issue, so maybe a slight warning about it and possible solutions can help. My intention was to inform users here.
cheers