is
Specifies whether it is acceptable to communicate with a build cache over an insecure HTTP connection.
For security purposes this intentionally requires a user to opt-in to using insecure protocols on case by case basis.
Gradle intentionally does not offer a global system/gradle property that allows a universal disable of this check.
Allowing communication over insecure protocols allows for a man-in-the-middle to impersonate the intended server, and gives an attacker the ability to serve malicious executable code onto the system.
See also: Want to take over the Java ecosystem? All you need is a MITM!
Since
6.0