dongxian6715
2014-05-06 11:50
浏览 16
已采纳

我可以互换地在URL中使用ssl://和https://吗?

I have to write some PHP code to make a post request to an external server and got two different examples from the server owners, one using "ssl://" and the other "https://" in the URL.

Can they be used interchangeably? Where would this be documented? Thank you!

EDIT to include PHP code (not sure why I can't format the code properly, if someone can help with explaining how to incorporate the initial comment in the code block):

// make a http post request to an external server
function httpPost($host, $usepath, $postdata = "") {

    $fp = fsockopen($host, 443, $errno, $errstr, 60);
    if( !$fp ) {
        print "$errstr ($errno)<br>
";
    }
    else {
        fwrite( $fp, "POST $usepath HTTP/1.0
");
        $strlength = strlen( $postdata );
        fwrite( $fp, "Content-type: application/x-www-form-urlencoded
" );
        fwrite( $fp, "Content-length: ".$strlength."

" );
        fwrite( $fp, $postdata."

" );

        $output = "";

        while( !feof( $fp ) ) {
            $output .= fgets( $fp, 1024);
        }

        fclose( $fp);
    }

    return $output;
}
  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 邀请回答

2条回答 默认 最新

  • dtol41388 2014-05-06 14:16
    最佳回答

    ssl:// URLs are quite specific to PHP. It's the way PHP provides a way to use a direct SSL/TLS connection when using its fsocketopen function. See List of Supported Socket Transports in the manual.

    ssl:// will give you an SSL/TLS connection without any application protocol on top of it: it will be up to your application to implement whichever protocol you require for the communication.

    In contrast, https:// will implement the HTTP protocol over this SSL/TLS connection.

    Note that the default settings for ssl:// and tls:// are rather poor in terms of security. In particular, the default value for verify_peer is false, which would make the connection vulnerable to MITM attacks.

    评论
    解决 无用
    打赏 举报
查看更多回答(1条)

相关推荐 更多相似问题