From f5aa1ee8ac32804b672449978ab78a6bb635b17f Mon Sep 17 00:00:00 2001
From: Evan Hahn <evan.hahn@airtable.com>
Date: Mon, 28 Oct 2019 13:00:41 -0500
Subject: [PATCH] Properly reject unauthorized certificates (#140)

We only want Airtable.js to connect to servers with authorized SSL
certificates, at least by default.

Before this change, we weren't doing that. By default, this library
would connect to a site with an unauthorized SSL certificate by default.
(Confusingly, you could fix this by setting the undocumented
`allowUnauthorizedSsl` option to `false`, which is backwards!)

This change fixes that. Now the `allowUnauthorizedSsl` option works as
expected, and more importantly, we will reject unauthorized certificates
by default.
---
 lib/run_action.js | 2 +-
 test/base.test.js | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/run_action.js b/lib/run_action.js
index ea95264f..79c7865c 100644
--- a/lib/run_action.js
+++ b/lib/run_action.js
@@ -43,7 +43,7 @@ function runAction(base, method, path, queryParams, bodyData, callback, numAttem
         headers: headers,
         // agentOptions are ignored when running in the browser.
         agentOptions: {
-            rejectUnauthorized: base._airtable._allowUnauthorizedSsl
+            rejectUnauthorized: !base._airtable._allowUnauthorizedSsl
         },
     };
 
diff --git a/test/base.test.js b/test/base.test.js
index ebd99505..c07da272 100644
--- a/test/base.test.js
+++ b/test/base.test.js
@@ -30,7 +30,7 @@ describe('Base', function() {
                     'User-Agent': 'Airtable.js/' + version
                 },
                 agentOptions: {
-                    rejectUnauthorized: false
+                    rejectUnauthorized: true
                 }
             }, expect.any(Function));