:insecure? on request is ignored if a connection manager is used

[bfontaine]

I don’t know if this is voluntary.

If you call clj-http.core/request with {:insecure? true, :connection-manager my-mgr}, the :insecure? option is silently ignored.

That option is only used to create a defaut connection manager if you don’t already give one:

; simplified code from src/clj_http/core.clj
; original one: https://github.com/dakrone/clj-http/blob/eee52198d7776e3e6d965fbade9296918efc8cca/src/clj_http/core.clj#L571-L572
(defn request
  ([{:keys [connection-manager] :as req} ...]
   (let [conn-mgr (or connection-manager ;; either use the provided manager…
                      (get-conn-mgr req)) ;; or create a new one with the request options, including :insecure?
     ...

If this is not voluntary, we should fix it. If it is, we should clarify that behavior in the documentation.

[dakrone]

Since the insecure option gets encoded into the connection manager, it'd be nice if an exception was thrown if someone tried to specify both at once, so that people know about it.