Skip to content

Instantly share code, notes, and snippets.

View tpickett66's full-sized avatar
🐢

Tyler Pickett tpickett66

🐢
View GitHub Profile
@tam7t
tam7t / gist:86eb4793e8ecf3f55037
Last active April 14, 2022 10:57
Securing Ruby's OpenSSL

Are your Ruby HTTPS API calls secure?

Let's check:

2.0.0-p481 :001 > OpenSSL::SSL::SSLContext::DEFAULT_PARAMS
 => {:ssl_version=>"SSLv23", :verify_mode=>1, :ciphers=>"ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW", :options=>-2147482625}
2.0.0-p481 :002 > rating = JSON.parse(RestClient::Resource.new("https://www.howsmyssl.com/a/check" ).get)['rating']
 => "Bad"