Merge pull request #5172 from hardillb/http-request-rejectunauthorized-string

Allow limited Strings for msg.rejectUnauthorized
2025-12-27 15:34:26 +01:00 · 2025-06-16 14:04:43 +01:00
parent 407d231cdd 410e5b8faf
commit 3222efb5d0
2 changed files with 14 additions and 2 deletions
--- a/packages/node_modules/@node-red/nodes/core/network/21-httprequest.js
+++ b/packages/node_modules/@node-red/nodes/core/network/21-httprequest.js
@@ -599,7 +599,18 @@ in your Node-RED user directory (${RED.settings.userDir}).
                }
            } else {
                if (msg.hasOwnProperty('rejectUnauthorized')) {
-                    opts.https = { rejectUnauthorized: msg.rejectUnauthorized };
+                    if (typeof msg.rejectUnauthorized === 'boolean') {
+                        opts.https = { rejectUnauthorized: msg.rejectUnauthorized }
+                    } else if (typeof msg.rejectUnauthorized === 'string') {
+                        if (msg.rejectUnauthorized.toLowerCase() === 'true' || msg.rejectUnauthorized.toLowerCase() === 'false') {
+                            opts.https = { rejectUnauthorized: (msg.rejectUnauthorized.toLowerCase() === 'true') }
+                        } else {
+                            node.warn(RED._("httpin.errors.rejectunauthorized-invalid"))
+                        }
+                    } else {
+                        node.warn(RED._("httpin.errors.rejectunauthorized-invalid"))
+                    }
+                    
                }
            }