connecting to apps running HTTPS
arthurakay opened this issue · comments
Is there a way to configure wiretap
to connect an app running HTTPS?
I have an app running HTTPS on port 4000, and when I try this:
wiretap('My App', {port: 49899});
...I get a lot of errors in my network console:
Mixed Content: The page at 'https://localhost:8443/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://localhost:49899/socket.io/?EIO=3&transport=polling'. This request has been blocked; the content must be served over HTTPS.
Several years ago I worked at Sencha and built a similar tool called Sencha Inspector -- we solved this by shipping with an SSL certificate, but considering you're building an open-source product I doubt that's a viable option here.
That's going to be tricky. Do you think a self-signed certificate would help?
Self-signed cert could help, but the problem there is that any user has to manually navigate to https://localhost:49899
(or whatever port) and manually accept the self-signed cert (because otherwise browsers, specifically Chrome, block these connections as a security precaution).
TL;DR it's a temporary work-around.
I should probably dig into your code at this point and see how you fire up the localhost server, then offer some suggestions. I was just curious if you had already thought of this problem.
That's right, it would be temporary workaround. But again the tool is intended to be used in a development environment and I presumed that most would be using it with http.
Here is the server which is pretty straight forward socket.io server.
https://github.com/Raathigesh/wiretap/blob/master/packages/app/src/main/server.js
Was experimenting with a hosted app approach using webRTC. This should work with https since the broker is running on https. https://github.com/Raathigesh/wiretap/blob/master/README.md#mobx-wiretap-live-experimental
That does seem like it should work. Thanks!