发表新帖
发表新帖

Firefox Websocket security issue

后端 未结
关注
6 825
借酒劲吻你
借酒劲吻你 2020-12-02 15:36

We have a websocket server on port 8080 setup on a Linode box. Chrome and Opera work just fine. Firefox however complains that the operation is insecure.

\"The opera

相关标签:
6条回答
  • 执念已碎
    2020-12-02 15:44

    I fixed this. The app itself is under SSL but the websocket being accessed is not. Chrome and Opera don't care but Firefox does. According to:

    https://bugzilla.mozilla.org/show_bug.cgi?id=303952

    This is known and is not considered a bug. Mozilla's response: wontfix

    Solution, put websocket server under SSL and use wss://

    0 讨论(0)
  • 再見小時候
    2020-12-02 15:48

    Beside secure ssl context and cross-origin policies, assigning some port can trigger the error as well.

    What are valid http ports for Firefox? I don't know precisely, but have to be between 1500 and 64000, or the console will display:

    SecurityError: The operation is insecure.

    And http links will say:

    This address is restricted

This address uses a network port which is normally used for purposes other than Web browsing.
Firefox has canceled the request for your protection.

    0 讨论(0)
  • 被撕碎了的回忆
    2020-12-02 15:53

    As you point out in another answer, https:// to ws:// is disallowed by default on firefox.

    Going to firefox's about:config and toggling network.websocket.allowInsecureFromHTTPS will get rid of the SecurityError.

    0 讨论(0)
  • 死守一世寂寞
    2020-12-02 16:07

    Open "about:config" url in firefox. Search for allowInsecureFromHTTPS and set it to true

    0 讨论(0)
  • 隐瞒了意图╮
    2020-12-02 16:08

    This is a hunch based off limited info, and I probably should put this into a comment, but I don't have enough reputation points to do that yet.

    Looking at your log, it seems as if 24 seconds are passing from the receipt of [object Websocket] (time 17:46:36.683) until you get The connection to ws://.....(time 17:47:00:952) error message.The long delay leads me to believe that the server could be timing out and closing the websocket connection. Look at this answer for a potential solution.

    0 讨论(0)
  • 慢半拍i
    2020-12-02 16:08

    Had the same problem and attempted to fix by changing network.websocket.allowInsecureFromHTTPS in about:config which did not work.

    Ended up finding this post => Unhandled Rejection (SecurityError): The operation is insecure. On a fresh create-react-app project

    Changing this in index.js ended up working for me

    serviceWorker.register();
//serviceWorker.unregister();
    0 讨论(0)
 看不清?
提交回复
热议问题