Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SavePageNow can't record websites whose CA certificate is slightly misconfigured #1284

Closed
VascoRatoFCCN opened this issue Jun 7, 2022 · 4 comments
Closed

SavePageNow can't record websites whose CA certificate is slightly misconfigured #1284

VascoRatoFCCN opened this issue Jun 7, 2022 · 4 comments
Assignees
@VascoRatoFCCN
Labels
Component-DataAcquisition-SavePageNow pywb recorder Impact-Medium Type-Bug
Milestone
Godhelpus

Comments

@VascoRatoFCCN
Copy link

When trying to record some websites like www.essv.ipv.pt or stayawaycovid.pt we get the following response:

image

However, web browsers have no problem accessing these websites:

image

It happens because the CA certificate is missing some information that most web browsers can easily fill in. SavePageNow before starting to record a webpage, it tries to do a http request to the requested website. If anything goes wrong it doesn't start recording, in this case we get an error due to a misconfigured CA certificate.
@VascoRatoFCCN VascoRatoFCCN added this to the Fortuna milestone Jun 7, 2022
@VascoRatoFCCN VascoRatoFCCN self-assigned this Jun 7, 2022
@VascoRatoFCCN
Copy link
Author

VascoRatoFCCN commented Jun 7, 2022
edited
Loading

arquivo/arquivo-webapp-eros@8e73a64 changes the checking behavior. Instead of blocking the request, it lets it go through and logs the error. e.g.:
image

This is good because we are no longer blocking users from using our service.

However, we now are susceptible to getting some cryptic messages while trying to use SavePageNow:
image

This SO answer has a solution to the CA certificate problem. We should analyze the logs to see if we should back to the previous implementation using this fix.

@VascoRatoFCCN
Copy link
Author

A related problem, SavePageNow can be used to bypass security verification, it works on many of https://badssl.com/ examples of bad SSL.
How the browser reacts:
image
How SavePageNow reacts:
image

@arquivo-awp
Copy link

arquivo-awp commented Jul 26, 2022
edited
Loading

  1. Remove pre-validation of URL on front-end.
  2. Configure default error message on Pywb to avoid "ugly" error message on milestone Godhelpus https://github.com/arquivo/pwa-technologies/milestone/25

@arquivo-awp arquivo-awp modified the milestones: Fortuna, Godhelpus Jul 26, 2022
This was referenced Jul 26, 2022
Closed
Closed
VascoRatoFCCN added a commit to arquivo/arquivo-webapp-eros that referenced this issue Jul 28, 2022
@VascoRatoFCCN
Removed pre-validation of URL ( arquivo/pwa-technologies#1284 )
c24ed83
@VascoRatoFCCN VascoRatoFCCN modified the milestones: Fortuna, Godhelpus Jul 28, 2022
VascoRatoFCCN added a commit to arquivo/arquivo-webapp-eros that referenced this issue Jul 28, 2022
@VascoRatoFCCN
Removed pre-validation of URL ( arquivo/pwa-technologies#1284 )
1ed32e3
@VascoRatoFCCN VascoRatoFCCN mentioned this issue Aug 3, 2022
Closed
@VascoRatoFCCN VascoRatoFCCN mentioned this issue Aug 30, 2022
Closed
@dcgomes
Copy link
Collaborator

dcgomes commented Nov 4, 2022

Fixed

@dcgomes dcgomes closed this as completed Nov 4, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@VascoRatoFCCN VascoRatoFCCN

Labels
Component-DataAcquisition-SavePageNow pywb recorder Impact-Medium Type-Bug
Projects
None yet
Milestone
Godhelpus
Development

No branches or pull requests
3 participants
@dcgomes @arquivo-awp @VascoRatoFCCN