Our implementation of verification of the server’s TLS certificate is performed after the TLS handshake completes. Make sure that there’s no way that we might be sending any data to the server before verifying the certificate.
This applies to both the WebSocket code contained in this repo, and the HTTP code contained in https://github.com/ably-forks/em-http-request; they contain the same verification logic.
Our implementation of verification of the server’s TLS certificate is performed after the TLS handshake completes. Make sure that there’s no way that we might be sending any data to the server before verifying the certificate.
This applies to both the WebSocket code contained in this repo, and the HTTP code contained in https://github.com/ably-forks/em-http-request; they contain the same verification logic.
┆Issue is synchronized with this Jira Task by Unito