I am using Indy to get JSON from a url address. My code is using TIdSSLIOHandlerSocketOpenSSL as IOHandler for TIdHTTP.
var IdHTTP: TIdHTTP;
IdSSL: TIdSSLIOHandlerSocketOpenSSL; // IO handler #1
IdnoSSL: TIdIOHandlerStack; // IO handler #2
JSON: String;
I'm curious, if there is some reason to use SSL as handler, when the url is simple http://www.example.com, not https://www.example.com?
begin
IdHTTP := TIdHTTP.Create;
try
IdSSL := TIdSSLIOHandlerSocketOpenSSL.Create(IdHTTP);
IdHTTP.IOHandler := IdSSL;
// IdnoSSL:= TIdIOHandlerStack.Create(IdHTTP);
// IdHTTP.IOHandler := IdnoSSL;
JSON := IdHTTP.Get('http://www.example.com');
finally
IdHTTP.Free;
end;
end;
Or should I remove TIdSSLIOHandlerSocketOpenSSL and use noSSL with TIdIOHandlerStack?
Any help or advice is appriecated.
If you assign IdSSL, TIdHTTP will automatically enable/disable it depending on whether an HTTP or HTTPS url is being requested. So, you could just assign IdSSL always, and let TIdHTTP decide how to use it.
On the other hand, if you don't need HTTPS at all, you don't really need to assign any IOHandler at all (you almost never need IdnoSSL). When connecting to a server, Indy will create a default TIdIOHandlerStack for you if an IOHandler has not been assigned yet.
If you are using an up-to-date version of Indy, and do no need to customize SSL/TLS settings, then you don't need to manually assign an IOHandler for HTTPS.
However, if you attempt to request an HTTPS url without an SSL IOHandler assigned (manually or otherwise), you will get an EIdIOHandlerPropInvalid exception.