lganzzzo
commented
1 year ago This is a great PR, Thank you @arnoldgeels! Merged
Closed arnoldgeels closed 1 year ago
lganzzzo
commented
1 year ago This is a great PR, Thank you @arnoldgeels! Merged
When I used the excellent oat++ library to make a call, I noticed that the certificate from the server was not checked against a list of trusted roots, and that the server name was not matched. Certificate verification and hostname validation protect against man-in-the-middle attacks. I modified the code to add these features, then decided to submit it.