Skip to content
This repository has been archived by the owner on Feb 16, 2024. It is now read-only.

Support wss:// as binding address #36

Open
gjchentw opened this issue Dec 29, 2020 · 3 comments
Open

Support wss:// as binding address #36

gjchentw opened this issue Dec 29, 2020 · 3 comments
Assignees
@asticode
Labels
enhancement

Comments

@gjchentw
Copy link

gjchentw commented Dec 29, 2020
edited
Loading

Currently astilectron uses tcp socket to bind other languages stack, but the data over this connection are easy to be sniffered and insecure for renderer passing data like password or tokens.

Maybe we can consider when start() with [tcp://]ip:port and use the classic tcp way,
and when start() with something like wss://localhost[:port] , use ws to create a secured connection between clinet and language bindings.

Cheers.
@asticode asticode self-assigned this Dec 29, 2020
@asticode
Copy link
Owner

@gjchentw this is a good idea, but who is handling the SSL handshake in this scenario ? And who generates the SSL certificate ?

@gjchentw
Copy link
Author

gjchentw commented Dec 29, 2020
edited
Loading

Language binding side should start a wss server instead of a tcp server, therefore it should create self-signed certificate every time application launched. Go-astilectron for example, should achive this easily by using mkcert . And the electron js main process side, the astilectron, uses rejectUnauthorized to skip checking self-signed certificate and finished ssl handshaking:

var soc = new WebSocket("wss://localhost:9000", {
  protocolVersion: 8,
  origin: 'https://localhost:9000',
  rejectUnauthorized: false
});

@gjchentw
Copy link
Author

gjchentw commented Jan 7, 2021
edited
Loading

@asticode for now I did a little work on my fork of astilectron and go-astilectron and they can work on websocket like wss://localhost:8443.

https://github.com/gjchentw/astilectron/blob/735b45b3de54e52e368d9d1d1c1d4eb3abea8a72/src/client.js

https://github.com/gjchentw/go-astilectron/blob/a0a6a02e7d51ab295a8266435d55311efa2161e0/astilectron.go

and use SocketType as an option in main.go:

	a, err := astilectron.New(l, astilectron.Options{
		AppName:           "Test",
		BaseDirectoryPath: "example",
		TCPPort:           &port,
		SocketType:        astilectron.SocketWSS,
//		SkipSetup:         true,
	})

The problem is, to make astilectron can use websocket, I added ws (https://github.com/websockets/ws/) as the only dependency in astilectron, and this makes example in go-astilectron not work due to ws is not provisioned properly. I'd like to hear advices from you and the community, maybe add new provisioner for ws, or try to implement websocket natively even it's seems more hard work to though.

Cheers.

@gjchentw gjchentw mentioned this issue Jan 10, 2021
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@asticode asticode

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@asticode @gjchentw