Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

net::ERR_INSECURE_RESPONSE errors #7221

Closed
steverandy opened this Issue Sep 16, 2016 · 8 comments

Comments

Projects
None yet
6 participants
@steverandy
Copy link

steverandy commented Sep 16, 2016

  • Electron version: 1.4.0
  • Operating system: OS X 10.11.6

After updating to electron v1.4.0, I noticed getting a lot of ERR_INSECURE_RESPONSE from the requests in a webview.
I have tried the same website (http://www.bloomberg.com/) on electron v.1.3.6 and not getting any error.

screen shot 2016-09-16 at 4 32 28 pm

@deepak1556 deepak1556 added the bug label Sep 16, 2016

@deepak1556

This comment has been minimized.

Copy link
Member

deepak1556 commented Sep 16, 2016

net-log trace shows connection failed with ERR_CERTIFICATE_TRANSPARENCY_REQUIRED. Need to fix our certificate transparency verifier implementation.

@deepak1556 deepak1556 self-assigned this Sep 17, 2016

@sleevi

This comment has been minimized.

Copy link

sleevi commented Sep 17, 2016

@deepak1556 See electron-archive/brightray#248 for the root cause and fix

@azer

This comment has been minimized.

Copy link

azer commented Sep 21, 2016

I'm getting same error for flickr

@kevinsawicki

This comment has been minimized.

Copy link
Contributor

kevinsawicki commented Sep 22, 2016

The fix for this issue was released in 1.4.1, huge thanks to @sleevi for all the details on the underlying issue and needed changes.

@mccxiv

This comment has been minimized.

Copy link

mccxiv commented Dec 2, 2016

So, this is suddenly happening on 1.4.2 to all users of my app. No code was changed, I have no idea how to debug this.

Console:

Network tab:

Network tab details:

Sample links that cause this error (work fine in chrome):
https://static-cdn.jtvnw.net/badges/v1/3267646d-33f0-4b17-b3df-f923a41db1d0/1
https://www.twitch.tv/bits/config.json

Any workaround or steps I can do to investigate further?

@sleevi

This comment has been minimized.

Copy link

sleevi commented Dec 2, 2016

This was mentioned in electron-archive/brightray#248

If you want to support CT with Chromium's policy, use net::ct::CreateLogVerifiersForKnownLogs(). However, you should only do so with a reasonable update schedule in place; the set of known logs will grow and change over time, and an outdated Electron/Brightray may result in certificates accepted by Chrome being rejected.

It's likely that your application has not been updated within 10 weeks, which is what Chromium defines as 'outdated', and as a result, certificates accepted by Chrome are being rejected by your app.

@sleevi

This comment has been minimized.

Copy link

sleevi commented Dec 2, 2016

@kevinsawicki

This comment has been minimized.

Copy link
Contributor

kevinsawicki commented Dec 9, 2016

The broader issue is captured in https://bugs.chromium.org/p/chromium/issues/detail?id=664177

There is a pull request up to pull in the patch for https://codereview.chromium.org/2495583002 at electron/libchromiumcontent#248

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.