diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/classes/EditorSettings.xml | 4 | ||||
| -rw-r--r-- | doc/classes/HTTPClient.xml | 20 | ||||
| -rw-r--r-- | doc/classes/HTTPRequest.xml | 14 | ||||
| -rw-r--r-- | doc/classes/PacketPeerDTLS.xml | 2 | ||||
| -rw-r--r-- | doc/classes/PacketPeerUDP.xml | 2 | ||||
| -rw-r--r-- | doc/classes/ProjectSettings.xml | 4 | ||||
| -rw-r--r-- | doc/classes/StreamPeerTLS.xml | 8 | ||||
| -rw-r--r-- | doc/classes/X509Certificate.xml | 4 |
8 files changed, 29 insertions, 29 deletions
diff --git a/doc/classes/EditorSettings.xml b/doc/classes/EditorSettings.xml index d509ee386b..329cd3fe63 100644 --- a/doc/classes/EditorSettings.xml +++ b/doc/classes/EditorSettings.xml @@ -616,8 +616,8 @@ The port number to use to contact the HTTP and HTTPS proxy in the editor (for the asset library and export template downloads). See also [member network/http_proxy/host]. [b]Note:[/b] Godot currently doesn't automatically use system proxy settings, so you have to enter them manually here if needed. </member> - <member name="network/ssl/editor_ssl_certificates" type="String" setter="" getter=""> - The SSL certificate bundle to use for HTTP requests made within the editor (e.g. from the AssetLib tab). If left empty, the [url=https://github.com/godotengine/godot/blob/master/thirdparty/certs/ca-certificates.crt]included Mozilla certificate bundle[/url] will be used. + <member name="network/tls/editor_tls_certificates" type="String" setter="" getter=""> + The TLS certificate bundle to use for HTTP requests made within the editor (e.g. from the AssetLib tab). If left empty, the [url=https://github.com/godotengine/godot/blob/master/thirdparty/certs/ca-certificates.crt]included Mozilla certificate bundle[/url] will be used. </member> <member name="project_manager/sorting_order" type="int" setter="" getter=""> The sorting order to use in the project manager. When changing the sorting order in the project manager, this setting is set permanently in the editor settings. diff --git a/doc/classes/HTTPClient.xml b/doc/classes/HTTPClient.xml index 332ce9d8f4..b3ed38d250 100644 --- a/doc/classes/HTTPClient.xml +++ b/doc/classes/HTTPClient.xml @@ -7,17 +7,17 @@ Hyper-text transfer protocol client (sometimes called "User Agent"). Used to make HTTP requests to download web content, upload files and other data or to communicate with various services, among other use cases. See the [HTTPRequest] node for a higher-level alternative. [b]Note:[/b] This client only needs to connect to a host once (see [method connect_to_host]) to send multiple requests. Because of this, methods that take URLs usually take just the part after the host instead of the full URL, as the client is already connected to a host. See [method request] for a full example and to get started. - A [HTTPClient] should be reused between multiple requests or to connect to different hosts instead of creating one client per request. Supports SSL and SSL server certificate verification. HTTP status codes in the 2xx range indicate success, 3xx redirection (i.e. "try again, but over here"), 4xx something was wrong with the request, and 5xx something went wrong on the server's side. + A [HTTPClient] should be reused between multiple requests or to connect to different hosts instead of creating one client per request. Supports Transport Layer Security (TLS), including server certificate verification. HTTP status codes in the 2xx range indicate success, 3xx redirection (i.e. "try again, but over here"), 4xx something was wrong with the request, and 5xx something went wrong on the server's side. For more information on HTTP, see https://developer.mozilla.org/en-US/docs/Web/HTTP (or read RFC 2616 to get it straight from the source: https://tools.ietf.org/html/rfc2616). [b]Note:[/b] When exporting to Android, make sure to enable the [code]INTERNET[/code] permission in the Android export preset before exporting the project or using one-click deploy. Otherwise, network communication of any kind will be blocked by Android. - [b]Note:[/b] It's recommended to use transport encryption (SSL/TLS) and to avoid sending sensitive information (such as login credentials) in HTTP GET URL parameters. Consider using HTTP POST requests or HTTP headers for such information instead. + [b]Note:[/b] It's recommended to use transport encryption (TLS) and to avoid sending sensitive information (such as login credentials) in HTTP GET URL parameters. Consider using HTTP POST requests or HTTP headers for such information instead. [b]Note:[/b] When performing HTTP requests from a project exported to Web, keep in mind the remote server may not allow requests from foreign origins due to [url=https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS]CORS[/url]. If you host the server in question, you should modify its backend to allow requests from foreign origins by adding the [code]Access-Control-Allow-Origin: *[/code] HTTP header. - [b]Note:[/b] SSL/TLS support is currently limited to TLS 1.0, TLS 1.1, and TLS 1.2. Attempting to connect to a TLS 1.3-only server will return an error. - [b]Warning:[/b] SSL/TLS certificate revocation and certificate pinning are currently not supported. Revoked certificates are accepted as long as they are otherwise valid. If this is a concern, you may want to use automatically managed certificates with a short validity period. + [b]Note:[/b] TLS support is currently limited to TLS 1.0, TLS 1.1, and TLS 1.2. Attempting to connect to a TLS 1.3-only server will return an error. + [b]Warning:[/b] TLS certificate revocation and certificate pinning are currently not supported. Revoked certificates are accepted as long as they are otherwise valid. If this is a concern, you may want to use automatically managed certificates with a short validity period. </description> <tutorials> <link title="HTTP client class">$DOCS_URL/tutorials/networking/http_client_class.html</link> - <link title="SSL certificates">$DOCS_URL/tutorials/networking/ssl_certificates.html</link> + <link title="TLS certificates">$DOCS_URL/tutorials/networking/ssl_certificates.html</link> </tutorials> <methods> <method name="close"> @@ -30,13 +30,13 @@ <return type="int" enum="Error" /> <param index="0" name="host" type="String" /> <param index="1" name="port" type="int" default="-1" /> - <param index="2" name="use_ssl" type="bool" default="false" /> + <param index="2" name="use_tls" type="bool" default="false" /> <param index="3" name="verify_host" type="bool" default="true" /> <description> Connects to a host. This needs to be done before any requests are sent. The host should not have http:// prepended but will strip the protocol identifier if provided. - If no [param port] is specified (or [code]-1[/code] is used), it is automatically set to 80 for HTTP and 443 for HTTPS (if [param use_ssl] is enabled). - [param verify_host] will check the SSL identity of the host if set to [code]true[/code]. + If no [param port] is specified (or [code]-1[/code] is used), it is automatically set to 80 for HTTP and 443 for HTTPS (if [param use_tls] is enabled). + [param verify_host] will check the TLS identity of the host if set to [code]true[/code]. </description> </method> <method name="get_response_body_length" qualifiers="const"> @@ -262,8 +262,8 @@ <constant name="STATUS_CONNECTION_ERROR" value="8" enum="Status"> Status: Error in HTTP connection. </constant> - <constant name="STATUS_SSL_HANDSHAKE_ERROR" value="9" enum="Status"> - Status: Error in SSL handshake. + <constant name="STATUS_TLS_HANDSHAKE_ERROR" value="9" enum="Status"> + Status: Error in TLS handshake. </constant> <constant name="RESPONSE_CONTINUE" value="100" enum="ResponseCode"> HTTP status code [code]100 Continue[/code]. Interim response that indicates everything so far is OK and that the client should continue with the request (or ignore this status if already finished). diff --git a/doc/classes/HTTPRequest.xml b/doc/classes/HTTPRequest.xml index 4b098bf585..64a3315308 100644 --- a/doc/classes/HTTPRequest.xml +++ b/doc/classes/HTTPRequest.xml @@ -6,7 +6,7 @@ <description> A node with the ability to send HTTP requests. Uses [HTTPClient] internally. Can be used to make HTTP requests, i.e. download or upload files or web content via HTTP. - [b]Warning:[/b] See the notes and warnings on [HTTPClient] for limitations, especially regarding SSL security. + [b]Warning:[/b] See the notes and warnings on [HTTPClient] for limitations, especially regarding TLS security. [b]Note:[/b] When exporting to Android, make sure to enable the [code]INTERNET[/code] permission in the Android export preset before exporting the project or using one-click deploy. Otherwise, network communication of any kind will be blocked by Android. [b]Example of contacting a REST API and printing one of its returned fields:[/b] [codeblocks] @@ -157,7 +157,7 @@ </description> <tutorials> <link title="Making HTTP requests">$DOCS_URL/tutorials/networking/http_request_class.html</link> - <link title="SSL certificates">$DOCS_URL/tutorials/networking/ssl_certificates.html</link> + <link title="TLS certificates">$DOCS_URL/tutorials/networking/ssl_certificates.html</link> </tutorials> <methods> <method name="cancel_request"> @@ -189,21 +189,21 @@ <return type="int" enum="Error" /> <param index="0" name="url" type="String" /> <param index="1" name="custom_headers" type="PackedStringArray" default="PackedStringArray()" /> - <param index="2" name="ssl_validate_domain" type="bool" default="true" /> + <param index="2" name="tls_validate_domain" type="bool" default="true" /> <param index="3" name="method" type="int" enum="HTTPClient.Method" default="0" /> <param index="4" name="request_data" type="String" default="""" /> <description> Creates request on the underlying [HTTPClient]. If there is no configuration errors, it tries to connect using [method HTTPClient.connect_to_host] and passes parameters onto [method HTTPClient.request]. Returns [constant OK] if request is successfully created. (Does not imply that the server has responded), [constant ERR_UNCONFIGURED] if not in the tree, [constant ERR_BUSY] if still processing previous request, [constant ERR_INVALID_PARAMETER] if given string is not a valid URL format, or [constant ERR_CANT_CONNECT] if not using thread and the [HTTPClient] cannot connect to host. [b]Note:[/b] When [param method] is [constant HTTPClient.METHOD_GET], the payload sent via [param request_data] might be ignored by the server or even cause the server to reject the request (check [url=https://datatracker.ietf.org/doc/html/rfc7231#section-4.3.1]RFC 7231 section 4.3.1[/url] for more details). As a workaround, you can send data as a query string in the URL (see [method String.uri_encode] for an example). - [b]Note:[/b] It's recommended to use transport encryption (SSL/TLS) and to avoid sending sensitive information (such as login credentials) in HTTP GET URL parameters. Consider using HTTP POST requests or HTTP headers for such information instead. + [b]Note:[/b] It's recommended to use transport encryption (TLS) and to avoid sending sensitive information (such as login credentials) in HTTP GET URL parameters. Consider using HTTP POST requests or HTTP headers for such information instead. </description> </method> <method name="request_raw"> <return type="int" enum="Error" /> <param index="0" name="url" type="String" /> <param index="1" name="custom_headers" type="PackedStringArray" default="PackedStringArray()" /> - <param index="2" name="ssl_validate_domain" type="bool" default="true" /> + <param index="2" name="tls_validate_domain" type="bool" default="true" /> <param index="3" name="method" type="int" enum="HTTPClient.Method" default="0" /> <param index="4" name="request_data_raw" type="PackedByteArray" default="PackedByteArray()" /> <description> @@ -283,8 +283,8 @@ <constant name="RESULT_CONNECTION_ERROR" value="4" enum="Result"> Request failed due to connection (read/write) error. </constant> - <constant name="RESULT_SSL_HANDSHAKE_ERROR" value="5" enum="Result"> - Request failed on SSL handshake. + <constant name="RESULT_TLS_HANDSHAKE_ERROR" value="5" enum="Result"> + Request failed on TLS handshake. </constant> <constant name="RESULT_NO_RESPONSE" value="6" enum="Result"> Request does not have a response (yet). diff --git a/doc/classes/PacketPeerDTLS.xml b/doc/classes/PacketPeerDTLS.xml index e9918bdd3a..db8403a56b 100644 --- a/doc/classes/PacketPeerDTLS.xml +++ b/doc/classes/PacketPeerDTLS.xml @@ -6,7 +6,7 @@ <description> This class represents a DTLS peer connection. It can be used to connect to a DTLS server, and is returned by [method DTLSServer.take_connection]. [b]Note:[/b] When exporting to Android, make sure to enable the [code]INTERNET[/code] permission in the Android export preset before exporting the project or using one-click deploy. Otherwise, network communication of any kind will be blocked by Android. - [b]Warning:[/b] SSL/TLS certificate revocation and certificate pinning are currently not supported. Revoked certificates are accepted as long as they are otherwise valid. If this is a concern, you may want to use automatically managed certificates with a short validity period. + [b]Warning:[/b] TLS certificate revocation and certificate pinning are currently not supported. Revoked certificates are accepted as long as they are otherwise valid. If this is a concern, you may want to use automatically managed certificates with a short validity period. </description> <tutorials> </tutorials> diff --git a/doc/classes/PacketPeerUDP.xml b/doc/classes/PacketPeerUDP.xml index b635757b2b..9107937183 100644 --- a/doc/classes/PacketPeerUDP.xml +++ b/doc/classes/PacketPeerUDP.xml @@ -34,7 +34,7 @@ <param index="1" name="port" type="int" /> <description> Calling this method connects this UDP peer to the given [param host]/[param port] pair. UDP is in reality connectionless, so this option only means that incoming packets from different addresses are automatically discarded, and that outgoing packets are always sent to the connected address (future calls to [method set_dest_address] are not allowed). This method does not send any data to the remote peer, to do that, use [method PacketPeer.put_var] or [method PacketPeer.put_packet] as usual. See also [UDPServer]. - [b]Note:[/b] Connecting to the remote peer does not help to protect from malicious attacks like IP spoofing, etc. Think about using an encryption technique like SSL or DTLS if you feel like your application is transferring sensitive information. + [b]Note:[/b] Connecting to the remote peer does not help to protect from malicious attacks like IP spoofing, etc. Think about using an encryption technique like TLS or DTLS if you feel like your application is transferring sensitive information. </description> </method> <method name="get_local_port" qualifiers="const"> diff --git a/doc/classes/ProjectSettings.xml b/doc/classes/ProjectSettings.xml index ce627bb762..3dbf7c75e5 100644 --- a/doc/classes/ProjectSettings.xml +++ b/doc/classes/ProjectSettings.xml @@ -1488,8 +1488,8 @@ <member name="network/remote_fs/page_size" type="int" setter="" getter="" default="65536"> Page size used by remote filesystem (in bytes). </member> - <member name="network/ssl/certificate_bundle_override" type="String" setter="" getter="" default=""""> - The CA certificates bundle to use for SSL connections. If this is set to a non-empty value, this will [i]override[/i] Godot's default [url=https://github.com/godotengine/godot/blob/master/thirdparty/certs/ca-certificates.crt]Mozilla certificate bundle[/url]. If left empty, the default certificate bundle will be used. + <member name="network/tls/certificate_bundle_override" type="String" setter="" getter="" default=""""> + The CA certificates bundle to use for TLS connections. If this is set to a non-empty value, this will [i]override[/i] Godot's default [url=https://github.com/godotengine/godot/blob/master/thirdparty/certs/ca-certificates.crt]Mozilla certificate bundle[/url]. If left empty, the default certificate bundle will be used. If in doubt, leave this setting empty. </member> <member name="physics/2d/default_angular_damp" type="float" setter="" getter="" default="1.0"> diff --git a/doc/classes/StreamPeerTLS.xml b/doc/classes/StreamPeerTLS.xml index f26c635aaa..d1ddb3d441 100644 --- a/doc/classes/StreamPeerTLS.xml +++ b/doc/classes/StreamPeerTLS.xml @@ -1,14 +1,14 @@ <?xml version="1.0" encoding="UTF-8" ?> <class name="StreamPeerTLS" inherits="StreamPeer" version="4.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../class.xsd"> <brief_description> - SSL stream peer. + TLS stream peer. </brief_description> <description> - SSL stream peer. This object can be used to connect to an SSL server or accept a single SSL client connection. + TLS stream peer. This object can be used to connect to an TLS server or accept a single TLS client connection. [b]Note:[/b] When exporting to Android, make sure to enable the [code]INTERNET[/code] permission in the Android export preset before exporting the project or using one-click deploy. Otherwise, network communication of any kind will be blocked by Android. </description> <tutorials> - <link title="SSL certificates">$DOCS_URL/tutorials/networking/ssl_certificates.html</link> + <link title="TLS certificates">$DOCS_URL/tutorials/networking/ssl_certificates.html</link> </tutorials> <methods> <method name="accept_stream"> @@ -75,7 +75,7 @@ A status representing a [StreamPeerTLS] in error state. </constant> <constant name="STATUS_ERROR_HOSTNAME_MISMATCH" value="4" enum="Status"> - An error status that shows a mismatch in the SSL certificate domain presented by the host and the domain requested for validation. + An error status that shows a mismatch in the TLS certificate domain presented by the host and the domain requested for validation. </constant> </constants> </class> diff --git a/doc/classes/X509Certificate.xml b/doc/classes/X509Certificate.xml index 94784583ad..37b202a513 100644 --- a/doc/classes/X509Certificate.xml +++ b/doc/classes/X509Certificate.xml @@ -1,11 +1,11 @@ <?xml version="1.0" encoding="UTF-8" ?> <class name="X509Certificate" inherits="Resource" version="4.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../class.xsd"> <brief_description> - An X509 certificate (e.g. for SSL). + An X509 certificate (e.g. for TLS). </brief_description> <description> The X509Certificate class represents an X509 certificate. Certificates can be loaded and saved like any other [Resource]. - They can be used as the server certificate in [method StreamPeerTLS.accept_stream] (along with the proper [CryptoKey]), and to specify the only certificate that should be accepted when connecting to an SSL server via [method StreamPeerTLS.connect_to_stream]. + They can be used as the server certificate in [method StreamPeerTLS.accept_stream] (along with the proper [CryptoKey]), and to specify the only certificate that should be accepted when connecting to an TLS server via [method StreamPeerTLS.connect_to_stream]. </description> <tutorials> </tutorials> |