jadolg / outline-vpn-api

A Python API wrapper for Outline VPN https://getoutline.org/
MIT License

API doesn't properly verify the TLS fingerprint #10

Closed fortuna closed 1 year ago

fortuna commented 1 year ago

The API checks the fingerprint on a test request in the constructor, but doesn't check the fingerprint in the actual requests, so they are not protected. You should validate the fingerprint on every request.

fortuna commented 1 year ago

This Node.js library had the same issue, and this is how they fixed it: https://github.com/murka/outlinevpn-api/commit/1b6cbfc6203ab0abee41a73f592226af72b31647

jadolg commented 1 year ago

I think this should do the job https://github.com/jadolg/outline-vpn-api/pull/11 Would you mind a quick review?

jadolg commented 1 year ago

Released in version 3.0.0
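
Added example, not part of the thread and not the library's code or the fix in the linked pull request: the per-connection check the issue asks for, using only the Python standard library. The pin is compared inside `connect()`, so no request is ever sent on a TLS session whose certificate was not checked. The names `PinnedHTTPSConnection`, `check_peer`, `normalize` and `FingerprintMismatch` are hypothetical, and the code assumes a self-signed server certificate pinned by its SHA-256 fingerprint.

```python
import hashlib
import hmac
import http.client
import ssl


class FingerprintMismatch(ssl.SSLError):
    """The certificate presented by the server does not match the pin."""


def normalize(fingerprint: str) -> bytes:
    """Accept 'AB:CD:...' or 'abcd...' and return the raw 32-byte digest."""
    raw = bytes.fromhex(fingerprint.replace(":", "").strip())
    if len(raw) != 32:
        raise ValueError("expected a SHA-256 fingerprint (32 bytes)")
    return raw


def check_peer(sock, pinned: bytes) -> None:
    """Hash the DER certificate seen on this socket and compare to the pin."""
    der = sock.getpeercert(binary_form=True)
    if not der or not hmac.compare_digest(hashlib.sha256(der).digest(), pinned):
        raise FingerprintMismatch("certificate fingerprint does not match pin")


class PinnedHTTPSConnection(http.client.HTTPSConnection):
    """HTTPS connection that checks the pin after every TLS handshake."""

    def __init__(self, host, pinned_sha256: str, **kwargs):
        # Assumption: the certificate is self-signed, so CA and hostname
        # validation are switched off and the pin is the only check.
        ctx = ssl.create_default_context()
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        super().__init__(host, context=ctx, **kwargs)
        self._pinned = normalize(pinned_sha256)

    def connect(self):
        # http.client calls connect() for each new connection, including
        # reconnects, so a one-off check at construction time is not needed.
        super().connect()
        try:
            check_peer(self.sock, self._pinned)
        except FingerprintMismatch:
            self.close()  # drop the session before any request bytes go out
            raise
```

Because CA validation is disabled, a wrong or empty pin leaves nothing else to authenticate the server, which is why `normalize` rejects anything that is not a full 32-byte digest.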