commit 1caa8dad46cd4a803036ebc0b76f4f9e6784e196 Author: David Fifield david@bamsoftware.com Date: Tue Jun 5 22:10:18 2012 -0700
Use plain http (not https) in embed links.
Using https would be preferable, which is why I changed this to explicit https in 836b7a27. But I learned that Firefox doesn't allow making a plaintext (ws) WebSocket connection in an https page; you have to use wss instead, for the same reason you get mixed-content warnings.
https://bugzilla.mozilla.org/show_bug.cgi?id=662692 https://developer.mozilla.org/en/Firefox_8_for_developers#WebSockets https://developer.mozilla.org/en/WebSockets/Writing_WebSocket_client_applica...
I think that we can't use wss sockets because they would require each client to have a CA cert.
In the iframe link, I've left the protocol implicit, so it will use https if the page itself is https and http otherwise. This is to avoid using mixed content, but the badge won't work if the browser disallows the plaintext WebSocket.
The about:config setting that controls this is network.websocket.allowInsecureFromHTTPS. --- README | 8 ++++---- doc/websocket-transport.txt | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/README b/README index c00804b..71fbffe 100644 --- a/README +++ b/README @@ -26,7 +26,7 @@ changing pool of addresses. This page has a description of the project; viewing it also turns your computer into a flash proxy as long as the page is open.
-https://crypto.stanford.edu/flashproxy/ +http://crypto.stanford.edu/flashproxy/
== Quick start for users @@ -46,7 +46,7 @@ if you are able to configure port forwarding or receive direct connections from the Internet.
If you don't get a connection within 30 seconds or so, make sure someone -with Flash Player is viewing https://crypto.stanford.edu/flashproxy/. +with Flash Player is viewing http://crypto.stanford.edu/flashproxy/. There aren't yet enough operational proxies that one is available all the time.
@@ -87,7 +87,7 @@ without having to do port forwarding.
=== Troubleshooting
-Make sure someone is viewing https://crypto.stanford.edu/flashproxy/, or +Make sure someone is viewing http://crypto.stanford.edu/flashproxy/, or another web page with a flash proxy badge on it.
Sometimes Tor can think that the bridge you reach through a proxy is @@ -131,7 +131,7 @@ Add this line to torrc to make the relay use the external proxy:
Paste in this HTML where you want the badge to appear:
-<iframe src="https://crypto.stanford.edu/flashproxy/embed.html" width="70px" height="23px" frameBorder="0" scrolling="no"></iframe> +<iframe src="//crypto.stanford.edu/flashproxy/embed.html" width="70px" height="23px" frameBorder="0" scrolling="no"></iframe>
== For developers diff --git a/doc/websocket-transport.txt b/doc/websocket-transport.txt index ad1eef5..cf46301 100644 --- a/doc/websocket-transport.txt +++ b/doc/websocket-transport.txt @@ -103,7 +103,7 @@ Examples
GET / HTTP/1.1\r\n Host: 192.0.2.1:80\r\n
-> Origin: https://example.com%5Cr%5Cn +> Origin: http://example.com%5Cr%5Cn
Sec-WebSocket-Version: 13\r\n Sec-WebSocket-Key: mzo2xSF9N8VUxuefqO0RSw==\r\n Connection: Upgrade\r\n
@@ -121,7 +121,7 @@ Examples
GET / HTTP/1.1\r\n Host: 192.0.2.1:80\r\n
-> Origin: https://example.com%5Cr%5Cn +> Origin: http://example.com%5Cr%5Cn
Sec-WebSocket-Version: 13\r\n Sec-WebSocket-Protocol: base64\r\n Sec-WebSocket-Key: k5Ybhw0XBDeBfmda1J9ooQ==\r\n
tor-commits@lists.torproject.org