search

grz0zrg / fas

C Pixels-based graphical audio synthesizer implemented as a WebSocket server
https://www.fsynth.com
BSD 2-Clause "Simplified" License
131 stars 10 forks source link

Allow SSL #1

Closed grz0zrg closed 7 years ago

grz0zrg commented 7 years ago

Allow SSL to fix Firefox mixed content issues when a connection originate from a SSL enabled pages.

Should be activated by default and have a command-line flag to enable/disable it.

grz0zrg commented 7 years ago

Implemented but SSL is not the default, Firefox will always bitch about mixed content issues for https://www.fsynth.com app. or any online Fragment app. with fas enabled because we cannot provide a browser 100% trustworthy certificate for localhost/127.0.0.1 for obvious reasons... so if fas is SSL-enabled, Fragment app. is online somewhere and the websocket connection is with "wss" protocol, it will still not work under Firefox unless Firefox config. change happen or an exception is explicitely made, Firefox will still bitch about insecure contents due to self-signed certificate, this is unsolvable (but if you think otherwise, do tell us, please!) and still a critical concern.

For now, Fragment apps. should always use HTTP, this is the requirement to allow fas to be enabled everywhere without issues.