android-password-store/Android-Password-Store

[FEATURE] Allow cleartext HTTP traffic when cloning repositories

RJSent opened this issue · 1 comments

RJSent commented

Is your feature request related to a problem? Please describe.

I host my password store on a server local to my network and cannot clone the repository over HTTP as "Cleartext HTTP traffic is not permitted". As the server is local and the passwords are already encrypted I don't need to worry about a man-in-the-middle, so setting up HTTPS is overkill.

Describe the solution you'd like

Either a) HTTP traffic is universally permitted or b) A toggle is present that, when enabled, allows HTTP traffic.

Describe alternatives you've considered

The solutions discussed at https://stackoverflow.com/questions/45940861 are app-level changes. There doesn't seem to be a device-level setting on my end.

I considered cloning over SSH however my machines use gpg-agent to use a gpg key stored on a YubiKey for SSH authentication, which does not appear to be supported on Android. I also would like to minimize the amount of control my phone has over my server.

Additional context

Version 1.13.5