summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
da4568f)
Do not disable CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER to
actually enforce certificate verification on TLS connections.
This was a relic of some early experimental code and should have not
made it to the stable release.
Moreover the value passed to CURLOPT_SSL_VERIFYHOST was also of the
wrong type, it should have been an integer rather than a boolean.
CURLOPT_FOLLOWLOCATION => TRUE,
CURLOPT_COOKIEFILE => "",
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_FOLLOWLOCATION => TRUE,
CURLOPT_COOKIEFILE => "",
CURLOPT_RETURNTRANSFER => TRUE,
- CURLOPT_SSL_VERIFYHOST => FALSE,
- CURLOPT_SSL_VERIFYPEER => FALSE,
CURLOPT_HTTPHEADER => array('Accept-language: en'),
CURLOPT_USERAGENT => Tweeper::$userAgent,
));
CURLOPT_HTTPHEADER => array('Accept-language: en'),
CURLOPT_USERAGENT => Tweeper::$userAgent,
));
// Follow http redirects to get the real URL.
CURLOPT_FOLLOWLOCATION => TRUE,
CURLOPT_RETURNTRANSFER => TRUE,
// Follow http redirects to get the real URL.
CURLOPT_FOLLOWLOCATION => TRUE,
CURLOPT_RETURNTRANSFER => TRUE,
- CURLOPT_SSL_VERIFYHOST => FALSE,
- CURLOPT_SSL_VERIFYPEER => FALSE,
CURLOPT_USERAGENT => Tweeper::$userAgent,
));
CURLOPT_USERAGENT => Tweeper::$userAgent,
));