Confirm that client is unable to send data before verifying server identity #400

lawrence-forooghian · 2024-04-25T17:31:11Z

Our implementation of verification of the server’s TLS certificate is performed after the TLS handshake completes. Make sure that there’s no way that we might be sending any data to the server before verifying the certificate.

This applies to both the WebSocket code contained in this repo, and the HTTP code contained in https://github.com/ably-forks/em-http-request; they contain the same verification logic.

┆Issue is synchronized with this Jira Task by Unito

lawrence-forooghian added the bug Something isn't working. It's clear that this does need to be fixed. label Apr 25, 2024

lawrence-forooghian self-assigned this Apr 25, 2024

lawrence-forooghian added investigate Requires further investigation to decide the most appropriate label(s). and removed bug Something isn't working. It's clear that this does need to be fixed. labels Apr 25, 2024

sync-by-unito bot unassigned lawrence-forooghian Aug 14, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Confirm that client is unable to send data before verifying server identity #400

Confirm that client is unable to send data before verifying server identity #400

lawrence-forooghian commented Apr 25, 2024 •

edited by sync-by-unito bot

Loading

Confirm that client is unable to send data before verifying server identity #400

Confirm that client is unable to send data before verifying server identity #400

Comments

lawrence-forooghian commented Apr 25, 2024 • edited by sync-by-unito bot Loading

lawrence-forooghian commented Apr 25, 2024 •

edited by sync-by-unito bot

Loading