Hacker News new | ask | show | jobs
by beryllium 4840 days ago
Checking it out - looks like your PHP lib doesn't explicitly declare CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER, so that could be vulnerable to peerjacking. If I have some free time tonight I might be able to submit a PR for it.
1 comments
Goopplesoft 4837 days ago
Hey, sorry didnt check HN comments till now. I will push a fix up for this today.
link