profile photo of Colleen DaiColleen Dai
Download Count*

Ensure your code communicates over encrypted channels instead of plaintext.

Run Locally

Rules (53)

profile photo of returntocorpreturntocorp

Checks for setting the environment variable NODE_TLS_REJECT_UNAUTHORIZED to 0, which disables TLS verification. This should only be used for debugging purposes. Setting the option rejectUnauthorized to false bypasses verification against the list of trusted CAs, which also leads to insecure transport. These options lead to vulnerability to MTM attacks, and should not be used.