[josm-dev] shocking - unsecure password sending!
Frederik Ramm
frederik at remote.org
Wed Oct 7 15:55:10 BST 2009
Hi,
Karl Guggisberg wrote:
> Why reinvent the weel?
Ah, so you confess that the Apache http stack is not *necessary* ;-)
> Luickly there are smart people providing http client
> libraries which would shield JOSM from the nasty details of proxy
> authentication, libraries which are tested against a heterogeneous set of
> proxy software "in the wild".
Maybe JOSM could be built in a way to take advantage of a separately
downloaded Apache HTTP client if one is there, and silently fall back to
the built-in default if not? That way we wouldn't have to force all
those libraries onto our users.
Or else we can have a "proxy auth" plugin that people load if they want
proxy authentication with all bells and whistles.
That's one big gripe I have with the Java world. Instead of installing
libraries in a global location on a system, every smallest Java program
brings its own set of libraries because of course they all use a
slightly different version of each.
Bye
Frederik
More information about the josm-dev
mailing list