Skip to content

Confirm that client is unable to send data before verifying server identity #400

New issue
New issue
Open
Open
Confirm that client is unable to send data before verifying server identity#400
Labels
investigateRequires further investigation to decide the most appropriate label(s).
@lawrence-forooghian

Description

@lawrence-forooghian
lawrence-forooghian
opened on Apr 25, 2024

Our implementation of verification of the server’s TLS certificate is performed after the TLS handshake completes. Make sure that there’s no way that we might be sending any data to the server before verifying the certificate.

This applies to both the WebSocket code contained in this repo, and the HTTP code contained in https://github.com/ably-forks/em-http-request; they contain the same verification logic.

┆Issue is synchronized with this Jira Task by Unito

Metadata

Metadata

Assignees

No one assigned

    Labels

    investigateRequires further investigation to decide the most appropriate label(s).

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions