[webkit-dev] Unverified cert: Allow wss:// if user has accepted https:// warning? (WebKit Bug 41419)
Adam Barth
abarth at webkit.org
Tue Jun 28 10:28:21 PDT 2011
This isn't a WebKit issue. It's an issue for the embedding
application. You'll need to file a bug with the relevant browser
vendor. For Apple, you can use https://bugreport.apple.com/ or
Chromium, you can use http://new.crbug.com/
Good luck!
Adam
On Tue, Jun 28, 2011 at 8:39 AM, Mossman, Paul (Paul)
<paulmossman at avaya.com> wrote:
> Hi all,
>
>
>
> I originally sent this to webkit-help, but I probably should have posted it
> here instead.
>
>
>
> I'd like to request an alternate resolution to the following issue:
>
> https://bugs.webkit.org/show_bug.cgi?id=41419 We should log the reason
> when a secure wss WebSocket connection could not be established
>
> (was: Secure wss WebSocket connections cannot be established)
>
> Consider an example https://appliance.example.com, which uses a self-signed
> SSL certificate. iOS Safari will warn the user:
>
> Cannot Verify Server Identify
>
> Safari can't verify the identity of "appliance.example.com".
>
> Would you like to continue anyway?
>
>
>
> Cancel / Details / Continue
>
>
>
> The user chooses to "Continue". Safari then trusts the identity of
> "appliance.example.com", and proceeds. The resulting HTML may spawn
> additional https:// requests, which will also proceed.
>
> Suppose though that a wss:// connection to "appliance.example.com" is
> initiated. As issue 41419 states, this will fail in Safari and WebKit
> (r87480.)
>
> Chrome on the other hand, consider the user's acceptance of the server's
> identity as valid for both wss:// and https:// connection. This seems
> reasonable. The user accepted the server's identity, with no caveat on the
> protocol.
>
> Can this behaviour be implemented in WebKit as the resolution to issue
> 41419?
>
>
>
> -Paul
>
> paulmossman at avaya.com
>
> _______________________________________________
> webkit-dev mailing list
> webkit-dev at lists.webkit.org
> http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
>
>
More information about the webkit-dev
mailing list