Will do! Thanks for watching.

Hey, technically yes, but the bulk of the logic is normally handled by the framework. In Flutter the pub.dev/packages/web_socket_channel package does that for you. Server side you will need to define the logic that will upgrade a request. And this will be dependent on the server language that you are using, but again most of that logic will be wrapped in whatever package you are using or whatever libraries are available for that language. In this video I used GoLang for the server and used the github.com/gorilla/websocket library.

I strongly recommend you read the companion article, or take a look at the other links that I posted that explains HTTPS (some make it much easier to understand). As you seem to have misunderstood the difference between SSL pinning, HTTPS and a proxy. I also strongly recommend that you seek professional guidance from a security company if you are a payment gateway service provider. I do not want to be held liable for what I say in a KZbin comment :) But to clear up some confusion. Burp is a tool used my "hackers" to intercept the traffic between a application and the end network it is communicating with. Burp is a proxy tool, to intercept the traffic. SSL pinning is a security technique where you hardcode your app to only accept certain SSL certificates (your endpoint or API's cert, for example). If SSL pinning is done correctly then Burp will not be able to intercept the traffic, as the application will not recognise the certificate that burp presents. The only reason I generated certificates using Burp in the video was in order to Proxy the application (not to provide SSL pinning), and to show how to proxy. Note that I typed this on a phone, so excuse any mistakes. But I suggest read up more on SSL/HTTPS and then SSL pinning. Or seek professional advice. Good luck

@@FunwithFlutter Thank You so much for this valuable suggestion.

I just recently found different issues on ssl pinning for flutter based on self signed and trusted CA certificate. Although we can use self certificate for development test. I was suggested to use trusted CA, and also I learned through your articles which has reflected clear concepts of CA. You will probably want to create video on this If i once implement this and share you my study. Right now there is an issue with badCertificateCallBack returning only root CA certificate of trusted CA issuer rather than the whole chain (parent, leaf, intermediate) of my server certificate provided to my server, this was already issued in flutter github.

Yes ill second that, also plz cover oauth 2.0 authentication point

Correct. I also don't recommend doing SSL pinning at all in 2022

stackoverflow.com/questions/54104685/flutter-add-self-signed-certificate-from-asset-folder

But self-signed certificates should only be used for testing purposes.

Thanks for the question. I don't remember if I mention it in the video, but this is basically the exact opposite of what you want. This is telling your app to trust ALL certificates. It's basically removing the "identity" security that SSL certificates provide, meaning anyone can Man-in-the-Middle the app's traffic, by presenting ANY certificate. A no-no. Check out the blog post, at the end of the post there's a section called "Considering Security" - there I go into more detail. Blog post: blog.funwith.app/posts/proxy-flutter-apps/

@@FunwithFlutter Thank you for your answer. Actually I implemented what you have written in that section, but it didn't work out. Then I tried to implement that code to HttpOverride that I mentioned above. I couldn't make it run. Maybe I missed something. Because this HttpOverride method is not async and you use " await rootBundle ". Then It has to return HttpClient which I couldn't handle. Because of I couldn't implement your code to this HttpOverride, I have asked you to can you extend this HttpOverride method with yours. Thanks again.

Hi! KZbin should do this automatically. In the video screen at the bottom right (toolbar) there is a button call CC. Make sure that is highlighted and it should give subtitles in English. If you want a different language you can hit the settings button (the one next to CC) and you will now see an option for subtitles, click that and from there you can select a language. KZbin will automatically translate it. I cannot promise how good that will be but you can give it a shot :)