From a8eadf40b0d681a41568f2425ebf379fabb938f3 Mon Sep 17 00:00:00 2001
From: Alicia Sykes <alicia@omg.lol>
Date: Sun, 13 Aug 2023 13:57:48 +0100
Subject: [PATCH] Makes SSL check much more comprehensive

---
 api/ssl.js | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/api/ssl.js b/api/ssl.js
index 22d998f..2305867 100644
--- a/api/ssl.js
+++ b/api/ssl.js
@@ -1,10 +1,20 @@
 const https = require('https');
 const middleware = require('./_common/middleware');
+const urlModule = require('url');
 
-const fetchSiteCertificateHandler = async (url) => {
+const fetchSiteCertificateHandler = async (urlString) => {
   try {
+    const parsedUrl = urlModule.parse(urlString);
+    const options = {
+      host: parsedUrl.hostname,
+      port: parsedUrl.port || 443, // Default port for HTTPS
+      method: 'GET',
+      servername: parsedUrl.hostname, // For SNI
+      rejectUnauthorized: false // Disable strict SSL verification (use with caution)
+    };
+
     const response = await new Promise((resolve, reject) => {
-      const req = https.request(url, res => {
+      const req = https.request(options, res => {
         
         // Check if the SSL handshake was authorized
         if (!res.socket.authorized) {
@@ -14,7 +24,6 @@ const fetchSiteCertificateHandler = async (url) => {
           if (!cert || Object.keys(cert).length === 0) {
             reject(new Error("No certificate presented by the server."));
           } else {
-            // omit the raw and issuerCertificate fields
             const { raw, issuerCertificate, ...certWithoutRaw } = cert;
             resolve(certWithoutRaw);
           }