Specify the SSL protocol #10174

Closed
ariya opened this Issue · 12 comments

7 participants

@ariya
Owner

hw...@microwayes.net commented:

Which version of PhantomJS are you using?

What steps will reproduce the problem?
1. Try to open a site with an invalid certificate, with or without --ignore-ssl-errors
2. Loaded callback is never called
3.

What is the expected output? What do you see instead?
Expected to callback with status fail, or if --ignore-ssl-errors=yes then success and load page

Which operating system are you using?
Ubuntu 11.04

Did you use binary PhantomJS or did you compile it from source?
From source, 1.2

Please provide any additional information below.
Example script

function open(url)
{
    var page = new WebPage();
    page.settings.loadImages = false;
    page.open(url, function(status)
    {
        console.log(page.evaluate(function(){ return document.location.toString(); }) + status);
    });
}

open('https://www.greg.gg/webCompSearch.aspx'); // Valid according to my cert bundle, loads
open('https://abr.gov.au/'); // Valid according to my cert bundle, loads
open('https://www.onapi.gob.do/servicios/signos.aspx'); // Invalid according to my cert bundle, fails
open('https://www.roc.gov.bm/roc/rocweb.nsf/search+company+name'); // Invalid according to my cert bundle, fails

Disclaimer:
This issue was migrated on 2013-03-15 from the project's former issue tracker on Google Code, Issue #174.
12 people had starred this issue at the time of migration.

@st3fan

stefan.a...@gmail.com commented:

This still happens in 1.6. For example on https://www.fas.org/blog/secrecy/2012/04/kiriakou_hurdles.html and with or without the --ignore-ssl-errors=yes option.

@raynor08

rayno...@gmail.com commented:

I'm seeing this issue when using PhantomJS with our internal websites with a self-signed certificate; with or without --ignore-ssl-errors does not seem to make any difference.

@ariya
Owner

aimo...@gmail.com commented:

Reproduced with Ubuntu 10.10 and Ubuntu 12.04, with version 1.6.2

$ phantomjs -v
1.6.2
$ phantomjs --ignore-ssl-errors=yes examples/netsniff.coffee https://encrypted.google.com/ | head -1
{
$ phantomjs --ignore-ssl-errors=yes examples/netsniff.coffee https://www.clarifiednetworks.com/ | head -1
FAIL to load the address

@JamesMGreene
Collaborator

james.m....@gmail.com commented:

Update: Vitaliy has a fix for this underway.

His research: https://groups.google.com/forum/?fromgroups=#!topic/phantomjs/QgwweHYv4HU
WIP branch: https://github.com/Vitallium/phantomjs/tree/allow-to-specify-ssl-protocol
Primary fix commit: Vitallium@419f997

Pull request has not yet been submitted as he is looking for feedback from one of the core devs first.

@detro
Collaborator

detroniz...@gmail.com commented:

I like this idea (and I think it is long overdue) but I found some small
things that need to be improved in terms of what/how SSL protocols are
supported.

I'll add my comments to the commit as a code review.

thanks
Ivan

@detro
Collaborator

detroniz...@gmail.com commented:

I'm done with my code review. See your pull requests.

I want to reiterate my appreciation for this idea: this feature sets PhantomJS AHEAD of any other WebDriver-enabled Browser. Why? Because all of them require a LOT of fiddling with Proxy and Certificate injection to be able to bypass SSL alerts.

This API puts PhantomJS in the lead for Developer friendliness (well, this feature and many others that this amazing community works on :) ).

Thanks again
Ivan

@JamesMGreene
Collaborator

james.m....@gmail.com commented:

Thanks for finding time to code review this, Ivan. Totally agree that this enhancement will be a BIG win for PhantomJS! :)
~~James

@Vitallium
Collaborator

vitaliy....@gmail.com commented:

Big thanks Ivan!
PR: #333
And I have a question. How do I create test(s) for this feature?

@ariya
Owner

hw...@arachnys.com commented:

Thanks Vitaliy and Ivan, that's great news. Will give it a whirl soon.

@detro
Collaborator

detroniz...@gmail.com commented:

Fixed by Vitaliy's Pull Request: #333

Metadata Updates

  • Milestone updated: Release1.8 (was: ---)
  • Status updated: Fixed
@detro detro closed this
@ariya
Owner

ariya.hi...@gmail.com commented:

Allow to specify the SSL protocol for requests.
b834f2a

QSslConfiguration: SSLv3 should be the default value
f3d9209

Metadata Updates

  • Title updated: Specify the SSL protocol
@dbrgn

Sorry for commenting on this old issue, but why was SSLv3 pinned as the default version? The result is that PhantomJS cannot load any page that requires TLSv1 or higher.
