fix: remove insecure TLS configurations

sassoftware / sas-airflow-provider

Apache Airflow Provider for creating tasks in Airflow to execute SAS Studio Flows and Jobs.

Apache License 2.0

18 stars 15 forks source link

fix: remove insecure TLS configurations #6

Closed Carus11 closed 1 year ago

Carus11 commented 1 year ago

Fixes #1 The original code disables insecure HTTP requests warnings, which means that it does not verify the authenticity of the SSL certificate presented by the SAS server. This makes the code vulnerable to man-in-the-middle (MITM) attacks where an attacker can intercept and modify requests sent to the server. It is recommended to verify the SSL certificate of the server by enabling SSL verification.

Signed-off-by: Carus Kyle caruskyle@gmail.com

Carus11 commented 1 year ago

Hi @AndrewShakinovsky-SAS can you please review this?

AndrewShakinovsky-SAS commented 1 year ago

Waiting on @Carus11 to test changes

AndrewShakinovsky-SAS commented 1 year ago

Fixed in 0.0.9