
NodeJS SSL options - strictSSL vs rejectUnauthorized

Tags: node.js, ssl

What is the difference between strictSSL=false and rejectUnauthorized=false options in NodeJS?

The names are confusing and I did not find documentation explaining the difference.

Andrew Rukin asked May 01 '26 22:05


1 Answer

I think these two flag options are used in different contexts and are not exactly comparable. On one hand, you can look at the rejectUnauthorized=false flag in the node runtime context, which does as quoted in this answer:

By setting rejectUnauthorized: false, you're saying "I don't care if I can't verify the server's identity." Obviously, this is not a good solution as it leaves you vulnerable to MITM attacks.

Whereas you can look at strictSSL=false as more of a build and setup context, as this is the flag you pass to npm when installing dependencies from an HTTP source rather than HTTPS, as mentioned in this post.

HTH.

damitj07 answered May 03 '26 16:05
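
An added example, not part of the original question or answer: a small Node.js audit that reports where certificate verification has been switched off, so the settings can be replaced with a trusted `ca`. It goes beyond the two names in the question by also covering npm's `strict-ssl` config key and the `NODE_TLS_REJECT_UNAUTHORIZED` environment variable (`strictSSL` is treated here as the `request` library's option); the rule ids, function name and sample files are constructed for illustration.

```javascript
// Added example: flags the TLS-verification switches discussed above.
// Rule ids and sample inputs are constructed for illustration.
const RULES = [
  { id: 'node-rejectUnauthorized',
    re: /\brejectUnauthorized\s*[:=]\s*false\b/,
    why: 'Node tls/https option: server certificate is not verified' },
  { id: 'client-strictSSL',
    re: /\bstrictSSL\s*[:=]\s*false\b/,
    why: 'HTTP client option (request library): certificate errors ignored' },
  { id: 'npm-strict-ssl',
    re: /\bstrict-ssl(?:\s*=\s*|\s+)false\b/,
    why: 'npm config: registry certificate is not validated' },
  { id: 'env-NODE_TLS_REJECT_UNAUTHORIZED',
    re: /\bNODE_TLS_REJECT_UNAUTHORIZED\s*[:=]\s*['"]?0\b/,
    why: 'Environment variable: verification off for the whole process' },
];

// files: [{ path, text }] -> [{ path, line, id, why, source }]
function auditTlsSettings(files) {
  const findings = [];
  for (const { path, text } of files) {
    text.split(/\r?\n/).forEach((source, i) => {
      for (const { id, re, why } of RULES) {
        if (re.test(source)) {
          findings.push({ path, line: i + 1, id, why, source: source.trim() });
        }
      }
    });
  }
  return findings;
}

// Constructed sample inputs (not taken from any real project).
const SAMPLE_FILES = [
  { path: 'client.js', text: [
    "const https = require('https');",
    "const agent = new https.Agent({ rejectUnauthorized: false });",
    "const pinned = new https.Agent({ ca: internalCaPem }); // verifies against own CA",
    "request({ url, strictSSL: false }, done);",
  ].join('\n') },
  { path: '.npmrc', text: 'registry=https://registry.example.test/\nstrict-ssl=false\n' },
  { path: 'deploy.sh', text: 'export NODE_TLS_REJECT_UNAUTHORIZED=0\nnpm config set strict-ssl false\n' },
];

for (const f of auditTlsSettings(SAMPLE_FILES)) {
  console.log(`${f.path}:${f.line} [${f.id}] ${f.why}`);
}
```

The `pinned` line in the sample is not flagged: supplying the issuing CA keeps verification on, which is the usual replacement for any of the flagged settings when a server uses a private or self-signed certificate.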
