Skip to content

DEV Community

Scott Watermasysk

Posted on Feb 9, 2019 • Originally published at scottw.com on Feb 7, 2019

SSL::VERIFY_NONE - NEVER!

#ruby #ssl #security

I saw this little doozy as recommend code for (Ruby) API access:

http.verify_mode = OpenSSL::SSL::VERIFY_NONE

This effectively disables SSL checks and is not something anyone should be recommending….ever.

Top comments (0)

Subscribe

Read next

Part 4: SQL Injection Series: Real-World Scenarios Deep Dive

Trix Cyrus - Dec 1

Code Smell 282 - Bad Defaults

Maxi Contieri - Nov 30

Increase Debian based Linux VPS server’s security

Shakhzhakhan Maxudbek - Nov 30

NET 9 BinaryFormatter migration paths

Karen Payne - Nov 30

Scott Watermasysk

Boostrapped Founder. In to Ruby, Rails, JavaScript, VSCode, React, Tailwind, and more.

Location

New Jersey
Work

Founder at KickoffLabs
Joined

Jan 28, 2019

Markdown Views ❤️

#rails #markdown #ruby

Active Decorator

Table Print Gem