hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 03:05:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: mention MITM

Browse Source
This commit is contained in:
Esben Sparre Andreasen
2020-06-19 11:56:46 +02:00
parent 44aa182d0d
commit 457588e893
1 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
javascript/ql/src/Security/CWE-295/DisablingCertificateValidation.qhelp
View File

@@ -7,9 +7,10 @@
<p>
Certificate validation is the standard authentication
method of a secure TLS connection. Without it, there is no guarantee
about who the other party of a TLS connection is.
Certificate validation is the standard authentication method of a
secure TLS connection. Without it, there is no guarantee about who the
other party of a TLS connection is, enabling man-in-the-middle
attacks.
</p>
@@ -61,8 +62,9 @@
<references>
<li>Wikipedia: <a href="https://en.wikipedia.org/wiki/Transport_Layer_Security">Transport Layer Security
(TLS)</a></li>
<li>Wikipedia: <a href="https://en.wikipedia.org/wiki/Transport_Layer_Security">Transport Layer Security (TLS)</a></li>
<li>Wikipedia: <a href="https://en.wikipedia.org/wiki/Man-in-the-middle_attack">Man-in-the-middle attack</a></li>
<li>Node.js: <a href="https://nodejs.org/api/tls.html">TLS (SSL)</a></li>