Fix - [CodeQL.SM03853] Removing that accepts all certificates, Fixes AB#3064771

AzureAD / microsoft-authentication-library-common-for-android

Common code used by both the Active Directory Authentication Library (ADAL) and the Microsoft Authentication Library (MSAL)

MIT License

41 stars 36 forks source link

Fix - [CodeQL.SM03853] Removing that accepts all certificates, Fixes AB#3064771 #2519

Closed iamgusain closed 1 month ago

iamgusain commented 1 month ago

Fixing issue reported by CodeQL

Removing code path in testing libraries (keyvault and labapi) which uses TrustManager that accepts all certificates for SSL verification. This code path is not secure and can lead to potential security vulnerabilities and should not be used in production code.

AB#3064771

github-actions[bot] commented 1 month ago

❌ Work item link check failed. Description does not contain AB#{ID}.

Click here to Learn more.

github-actions[bot] commented 1 month ago

✅ Work item link check complete. Description contains link AB#3064771 to an Azure Boards work item.