Essentially, I wanted to ensure that server-to-server HTTP requests use TLS securely in open source projects, but unfortunately a lot of code disabled TLS verification in PHP software.
Including eCommerce plugins.
Including eCommerce plugins that connect to Authorize.net payment gateways.
grimace
However, no equivalent JavaScript solution exists for solving this problem.
I was concerned that a lot of the developers who used to write vulnerable PHP code might also be working in the Electron/Cordova/etc. ecosystem today, and if they retained any of their bad habits from their PHP + ext/curl days, their products would be at risk.
So I decided to port this library to Node.js. Let me know what you think.
A couple years ago I started developing an open source PHP library called Certainty. You can read about it here: https://paragonie.com/blog/2017/10/certainty-automated-cacer...
Essentially, I wanted to ensure that server-to-server HTTP requests use TLS securely in open source projects, but unfortunately a lot of code disabled TLS verification in PHP software.
Including eCommerce plugins.
Including eCommerce plugins that connect to Authorize.net payment gateways.
grimace
However, no equivalent JavaScript solution exists for solving this problem.
I was concerned that a lot of the developers who used to write vulnerable PHP code might also be working in the Electron/Cordova/etc. ecosystem today, and if they retained any of their bad habits from their PHP + ext/curl days, their products would be at risk.
So I decided to port this library to Node.js. Let me know what you think.