Unable to establish a secure connection

shashi278 / social-auth-kivy

Integrate Google, Facebook, Github & Twitter login in kivy applications

MIT License

150 stars 23 forks source link

Unable to establish a secure connection #10

Open HeaTTheatR opened 3 years ago

HeaTTheatR commented 3 years ago

Unable to establish a secure connection Attackers may try to steal your data from the 127.0.0.1 website (for example, passwords, messages, or bank card numbers).

https://user-images.githubusercontent.com/16930280/112735234-b36d1b00-8f5b-11eb-8b46-a539e6d64f57.mov

shashi278 commented 3 years ago

That's expected behavior for now because the server is running locally and using 'self-signed' certs which browsers don't really trust upon because they only trust on certificates signed by a trusted CA(Certificate Authority).

So, since it's running locally(localhost), it's totally safe because any traffic sent to localhost is guaranteed not to leave your machine, and so is considered automatically secure against network interception.

HeaTTheatR commented 3 years ago

@shashi278 This can hardly be explained to the user who will be using the application built with this library. This is a big problem at the moment.

richkode commented 1 year ago

@shashi278 I think the issue could be solved by not calling that endpoint. You could just prepare the google login page URL for your app and open it where the call was made to the local server because all that endpoint is doing is creating the link and redirecting to that created link.

shashi278 commented 1 year ago

@richkode I'll have to look into it to see if it can be achieved