fix: switch reqwest client to use rustls-tls for improved security #5559

src-tauri/src/cmd/media_unlock_checker/bahamut.rs

@@ -11,6 +11,7 @@ pub(super) async fn check_bahamut_anime(client: &Client) -> UnlockItem {
     let cookie_store = Arc::new(Jar::default());
 
     let client_with_cookies = match Client::builder()
+        .use_rustls_tls()
         .user_agent("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36")
         .cookie_provider(Arc::clone(&cookie_store))
         .build() {

src-tauri/src/cmd/media_unlock_checker/mod.rs

@@ -42,6 +42,7 @@ pub async fn get_unlock_items() -> Result<Vec<UnlockItem>, String> {
 #[command]
 pub async fn check_media_unlock() -> Result<Vec<UnlockItem>, String> {
     let client = match Client::builder()
+        .use_rustls_tls()
         .user_agent("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36")
         .timeout(std::time::Duration::from_secs(30))
         .danger_accept_invalid_certs(true)

src-tauri/src/core/backup.rs

@@ -114,6 +114,7 @@ impl WebDavClient {
         let client = reqwest_dav::ClientBuilder::new()
             .set_agent(
                 reqwest::Client::builder()
+                    .use_rustls_tls()
                     .danger_accept_invalid_certs(true)
                     .timeout(Duration::from_secs(op.timeout()))
                     .user_agent(format!("clash-verge/{APP_VERSION} ({OS} WebDAV-Client)"))

src-tauri/src/utils/network.rs

@@ -110,6 +110,7 @@ impl NetworkManager {
         timeout_secs: Option<u64>,
     ) -> Result<Client> {
         let mut builder = Client::builder()
+            .use_rustls_tls()
             .redirect(reqwest::redirect::Policy::limited(10))
             .tcp_keepalive(Duration::from_secs(60))
             .pool_max_idle_per_host(0)