-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use tlsv1 with PhantomJS #14
Comments
This appears to be fixed in PhantomJS 1.9.8 (tlsv1 is now the default), so just bumping the dependency should be enough. |
Ok, if I bump the dependency, do you still want to include your pull request? |
Well, first you need to wait for the NPM wrapper to include the latest PhantomJS release: As soon as it's all upgraded I will no longer need it, so I don't mind if you don't include the pull request. It depends if you think it can be useful for other PhantomJS options or not: |
According to that the version of the package is in line with what PhantomJS version is being used. It's currently 1.9.11. |
Actually the versioning of the npm wrapper is a bit confusing, but version 1.9.11 of the NPM wrapper released one week ago includes PhantomJS 1.9.7: The latest PhantomJS version is 1.9.8, released yesterday: |
Ok I created an issue for this over there. But i'll probably accept your patch anyway. Thanks! |
Thank you! |
PhantomJS uses SSLv3 by default, but because of the POODLE exploit this is massively removed from projects.
ariya/phantomjs#12655
It is possible to workaround by passing "--ssl-protocol=tlsv1" to PhantomJS.
Maybe gulp-qunit could either include this parameter, or make it an option?
The text was updated successfully, but these errors were encountered: