HTTPClient lib - add HTTPCLIENT_NOSECURE build flag

[vortigont]

Now it is impossible to use HTTPClient lib without bringing all mbedTLS stuff along, even when no https connections requred.

HTTPCLIENT_NOSECURE build flag disables TLS support in HTTPClient library by excluding NetworkClientSecure.h header.
This allows linker to strip down mbedTLS lib and certificates bundle, which in turn reduces firmware image for about ~80kib.

Could be handy for the cases when no encrypted http connections required for the sake of saving firmware size.

Tested on all HTTPClient lib examples, firmware image size reduction is about 80kib, RAM reduction is about 600 bytes.

origin:

Per-archive contributions to ELF file:
    Archive File     DRAM .data & 0.bss IRAM0 .text & 0.vectors ram_st_total Flash .text & .rodata  & flash_total
    libmbedcrypto.a         144      85          30           0          259       83098     52516         135788
    libmbedtls_2.a           72     488           0           0          560       32160      7339          39571

RAM:   [=         ]  13.3% (used 43712 bytes from 327680 bytes)
Flash: [========  ]  78.5% (used 1029069 bytes from 1310720 bytes)

this PR:

Per-archive contributions to ELF file:
    Archive File     DRAM .data & 0.bss IRAM0 .text & 0.vectors ram_st_total Flash .text & .rodata    flash_total
    libmbedcrypto.a         144      85          30           0          259       67325     41566         109065

RAM:   [=         ]  13.2% (used 43144 bytes from 327680 bytes)
Flash: [=======   ]  72.0% (used 943213 bytes from 1310720 bytes)

[github-actions]

Warnings

⚠️

Some issues found for the commit messages in this PR: the commit message "HTTPClient lib - add HTTPCLIENT_NOSECURE build flag": summary looks empty type/action looks empty the commit message "Update HTTPClient.cpp": summary looks empty type/action looks empty Please fix these commit messages - here are some basic tips: follow Conventional Commits style correct format of commit message should be: <type/action>(<scope/component>): <summary>, for example fix(esp32): Fixed startup timeout issue allowed types are: change,ci,docs,feat,fix,refactor,remove,revert,test sufficiently descriptive message summary should be between 20 to 72 characters and start with upper case letter avoid Jira references in commit messages (unavailable/irrelevant for our customers) TIP: Install pre-commit hooks and run this check when committing (uses the Conventional Precommit Linter).

	Messages
📖	You might consider squashing your 3 commits (simplifying branch history).

👋 Hello vortigont, we appreciate your contribution to this project!

---

Click to see more instructions ...

This automated output is generated by the PR linter DangerJS, which checks if your Pull Request meets the project's requirements and helps you fix potential issues.

DangerJS is triggered with each push event to a Pull Request and modify the contents of this comment.

Please consider the following:
- Danger mainly focuses on the PR structure and formatting and can't understand the meaning behind your code or changes.
- Danger is not a substitute for human code reviews; it's still important to request a code review from your colleagues.
- Resolve all warnings (⚠️ ) before requesting a review from human reviewers - they will appreciate it.
- Addressing info messages (📖) is strongly recommended; they're less critical but valuable.
- To manually retry these Danger checks, please navigate to the Actions tab and re-run last Danger workflow.

Review and merge process you can expect ...

We do welcome contributions in the form of bug reports, feature requests and pull requests.

1. An internal issue has been created for the PR, we assign it to the relevant engineer.
2. They review the PR and either approve it or ask you for changes or clarifications.
3. Once the GitHub PR is approved we do the final review, collect approvals from core owners and make sure all the automated tests are passing.
- At this point we may do some adjustments to the proposed change, or extend it by adding tests or documentation.
4. If the change is approved and passes the tests it is merged into the default branch.

Generated by 🚫 dangerJS against 8532b18

[vortigont]

@Jason2866 maybe this could be used in Tasmota's Arduino core. As I remember, it excludes mbedTLS completely, and attempt to use HTTPClient lib with Tasmota's core results in linker error for HTTPClient::begin methods. With this PR it links fine.

[github-actions]

Memory usage test (comparing PR against master branch)

The table below shows the summary of memory usage change (decrease - increase) in bytes and percentage for each target.

Memory	FLASH [bytes]		FLASH [%]		RAM [bytes]		RAM [%]
Target	DEC	INC	DEC	INC	DEC	INC	DEC	INC
ESP32S3	0	0	0.00	0.00	0	0	0.00	0.00
ESP32S2	0	0	0.00	0.00	0	0	0.00	0.00
ESP32C3	0	0	0.00	0.00	0	0	0.00	0.00
ESP32C6	0	0	0.00	0.00	0	0	0.00	0.00
ESP32	0	0	0.00	0.00	0	0	0.00	0.00

Click to expand the detailed deltas report [usage change in BYTES]

Target	ESP32S3		ESP32S2		ESP32C3		ESP32C6		ESP32
Example	FLASH	RAM	FLASH	RAM	FLASH	RAM	FLASH	RAM	FLASH	RAM
HTTPClient/examples/Authorization	0	0	0	0	0	0	0	0	0	0
HTTPClient/examples/BasicHttpClient	0	0	0	0	0	0	0	0	0	0
HTTPClient/examples/BasicHttpsClient	0	0	0	0	0	0	0	0	0	0
HTTPClient/examples/HTTPClientEnterprise	0	0	0	0	0	0	0	0	0	0
HTTPClient/examples/ReuseConnection	0	0	0	0	0	0	0	0	0	0
HTTPClient/examples/StreamHttpClient	0	0	0	0	0	0	0	0	0	0

[github-actions]

Test Results

 56 files   56 suites   5m 16s ⏱️
 21 tests  21 ✅ 0 💤 0 ❌
135 runs  135 ✅ 0 💤 0 ❌

Results for commit 8532b18.

♻️ This comment has been updated with latest results.

[mathieucarbou]

I noticed also in my fork of ESPAsyncWebServer (https://github.com/mathieucarbou/ESPAsyncWebServer). I was able to remove the mbedtls lib on Arduino 2 by using other hash implementations (-88k), but on Arduino 3, mbedtls comes from core so cannot be skipped. Would be nice to have a way to more dynamically reduce the firmware size because libraries and code tend to use more and more space always, but our ESP32 devices are for most part still with the same flash memory.

[Jason2866]

@vortigont Thx for heads up. Don't see an issue using http client in our fork since the client secure code parts are completly removed