I have a web service that provides users the ability to register webhooks with secure URLs (e.g. https://). I am considering also supporting non-secured URLs to be registered (e.g. self-signed certs).
Would my service be exposed to any security vulnerabilities if I enable users to register non-secured URLs? I'm aware the user registering the non-secured URL would be exposed, but would my service be exposed in any way?
Aucun commentaire:
Enregistrer un commentaire