Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Attempting to connect via http on an external connection causes crash #107

Open
willbruceSmartDCSIT opened this issue Feb 6, 2024 · 1 comment
Open

Attempting to connect via http on an external connection causes crash #107

willbruceSmartDCSIT opened this issue Feb 6, 2024 · 1 comment

Comments

@willbruceSmartDCSIT
Copy link

Describe the bug
When running the chatterbox client on my web browser to connect to the homeserver - using my networks IP (192.168.0.X) - the CB client crashes when loading up. The error message valid in the Chrome Inspect panel is:
VM42 main.ts:104 TypeError: Cannot read properties of undefined (reading 'deriveBits') at new Crypto (VM46 hydrogen-view-sdk.js:8749:23) at new Platform (VM46 hydrogen-view-sdk.js:9774:21) at main (VM42 main.ts:57:20)
VM46 hydrogen-view-sdk.js:8749 Uncaught (in promise) TypeError: Cannot read properties of undefined (reading 'deriveBits') at new Crypto (VM46 hydrogen-view-sdk.js:8749:23) at new Platform (VM46 hydrogen-view-sdk.js:9774:21) at main (VM42 main.ts:57:20)

To Reproduce
Steps to reproduce the behavior:

  1. Follow installation steps outlined in the readme
  2. Adjust config.json
  3. Connect to server IP
  4. Error visible in the Chrome Inspect Console

Expected behavior
Chatterbox client should open up as normal - this works when connecting to localhost

Desktop (please complete the following information):

  • Browser: Chrome
  • Version: 121.0.6167.139
@Rhys-T
Copy link

Rhys-T commented Feb 8, 2024

I ran into that too. It's not exactly a bug in Chatterbox, but rather a limitation in what your browser allows non-secure websites to do. Chatterbox/Hydrogen uses the Web Crypto API, and like a lot of newer web APIs, it's only allowed in secure contexts - which basically means either HTTPS or localhost. So when you connect to another server like 192.168.0.X over insecure HTTP, the entire crypto.subtle object is missing, and CB doesn't bother to check whether it exists before using it, so it ends up crashing (not that CB could work without it anyway).

To let Chatterbox use that API, you can either:

  • Serve Chatterbox and the host page over HTTPS (even a self-signed certificate is enough to allow the Web Crypto API, once you tell the browser to accept it)
  • Tunnel/proxy the connection through localhost somehow (e.g. ssh -L8000:localhost:80 192.168.0.X then go to localhost:8000)
  • Use a browser-specific setting to force 192.168.0.X to be treated as a secure context
    • Firefox: Go to about:config, and create dom.securecontext.allowlist as a comma-separated list of domains/addresses to treat as secure (e.g. 192.168.0.X,192.168.0.Y).
    • Chrome: Go to chrome://flags/#unsafely-treat-insecure-origin-as-secure, and enter a comma-separated list of origins to treat as secure (e.g. http://192.168.0.X,http://192.168.0.Y:8000).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Rhys-T @willbruceSmartDCSIT