pkg/tls: remove InsecureSkipVerify=true flag (#4265)

CWE-295 code scanning alert flag this. Seems OK to just remove it. Signed-off-by: Miek Gieben <miek@miek.nl>
2025-10-31 02:03:20 -04:00 · 2020-11-05 20:08:59 +01:00
parent 723e9b06a4
commit 049369583b
1 changed files with 0 additions and 5 deletions
--- a/plugin/pkg/tls/tls.go
+++ b/plugin/pkg/tls/tls.go
@@ -108,11 +108,6 @@ func loadRoots(caPath string) (*x509.CertPool, error) {

 // NewHTTPSTransport returns an HTTP transport configured using tls.Config
 func NewHTTPSTransport(cc *tls.Config) *http.Transport {
-	// this seems like a bad idea but was here in the previous version
-	if cc != nil {
-		cc.InsecureSkipVerify = true
-	}
-
 	tr := &http.Transport{
 		Proxy: http.ProxyFromEnvironment,
 		Dial: (&net.Dialer{