CVE-2013-0240: Do not allow invalid SSL certificates
None of the branded providers (eg., Google, Facebook and Windows Live) should ever have an invalid certificate; and in this version of GOA, that's all we have. So set "ssl-strict" on the SoupSession object being used by GoaWebView. Reviewed-by: Debarshi Ray <debarshir@gnome.org> Bug: https://bugzilla.gnome.org/show_bug.cgi?id=693214
parent
9559a342
Please register or sign in to comment