Firefox Websocket 安全问题 [英] Firefox Websocket security issue
问题描述
我们在 Linode 机器上的端口 8080 上设置了一个 websocket 服务器.Chrome 和 Opera 工作得很好.然而,Firefox 抱怨操作不安全.
操作不安全:代码 18"
如果我在页面加载之前尝试在 Web 控制台中创建一个新的 WebSocket 对象,一切都很好.但是,在页面加载某些内容后,我无法再创建该对象.请参阅随附的屏幕截图.
我不知道什么操作是不安全的,甚至不知道如何进行诊断.
我解决了这个问题.应用程序本身在 SSL 下,但正在访问的 websocket 不是.Chrome 和 Opera 不在乎,但 Firefox 不在乎.根据:
https://bugzilla.mozilla.org/show_bug.cgi?id=303952>
这是已知的,不被视为错误.Mozilla 的回应:wontfix
解决办法,把websocket server放在SSL下,使用wss://
We have a websocket server on port 8080 setup on a Linode box. Chrome and Opera work just fine. Firefox however complains that the operation is insecure.
"The operation is insecure: Code 18"
If I try to create a new WebSocket object in the web console before the page is loaded everything is fine. However, after the page loads something is screwy then I cannot create the object anymore. See the attached screenshot.
I have no idea what operation is insecure or even how to go about diagnosing this.
I fixed this. The app itself is under SSL but the websocket being accessed is not. Chrome and Opera don't care but Firefox does. According to:
https://bugzilla.mozilla.org/show_bug.cgi?id=303952
This is known and is not considered a bug. Mozilla's response: wontfix
Solution, put websocket server under SSL and use wss://
这篇关于Firefox Websocket 安全问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!