jamesgolick/always_verify_ssl_certificates
Ruby's net/http is setup to never verify SSL certificates by default. Most ruby libraries do the same. That means that you're not verifying the identity of the server you're communicating with and are therefore exposed to man in the middle attacks. This gem monkey-patches net/http to force certificate verification and make turning it off impossible.
RubyMIT
Stargazers
- ahowardhttps://www.matanuskafrontiertrek.com/
- andycrollGood Scary
- baldowlShopify
- bdotdubPatreon
- bensieSan Diego, CA
- bigfleetMainline
- brandondrewUC Berkeley
- bryanjswiftWashington, DC
- brynaryCode Climate
- christos@lingokids
- cmerFrisco, DFW, TX
- coffeeworksAmazon
- dballDurham, NC
- fannarInternet
- gregwebsDigital Mint
- grobie@gigs
- hchoroomi
- huacnlee@longbridgeapp
- indirectSan Francisco
- jaggederestPortland, OR
- jamesgolickNormal
- johnclausThe Front Range
- jweissAmazon Web Services
- jwilkinsSan Francisco, CA
- kfaustinoRemarkable Labs Inc.
- loeSeattle, WA
- pctj101Earth
- phlipperNear Lake Tahoe, CA
- precipice
- slmingolSomewhere in the contintental US
- stanTokyo, Japan
- subakvaArlington, MA
- taf2CallTrackingMetrics
- terrcinWellington; New Zealand
- thibaudggElectricFeel AG
- trptcolinMundelein, IL