GitHub/noVNC
1
0
Fork 0
mirror of https://github.com/novnc/noVNC.git synced 2026-05-26 15:13:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add warnings about insecure context

Browse Source 
Most (all?) new APIs will require a "secure context", which generally
means served over TLS. We can expect crashes because of missing
functions if this requirement isn't fulfilled, so try to warn the user.
This commit is contained in:
Pierre Ossman
2022-05-12 15:46:59 +02:00
parent 658e415796
commit cdfb336651
2 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/ui.js
View File

@@ -61,6 +61,14 @@ const UI = {
// Translate the DOM
l10n.translateDOM();
// We rely on modern APIs which might not be available in an
// insecure context
if (!window.isSecureContext) {
// FIXME: This gets hidden when connecting
UI.showStatus(_("HTTPS is required for full functionality"), 'error');
}
// Try to fetch version number
fetch('./package.json')
.then((response) => {
if (!response.ok) {

6
core/rfb.js
View File

@@ -79,6 +79,12 @@ export default class RFB extends EventTargetMixin {
throw new Error("Must specify URL, WebSocket or RTCDataChannel");
}
// We rely on modern APIs which might not be available in an
// insecure context
if (!window.isSecureContext) {
Log.Error("noVNC requires a secure context (TLS). Expect crashes!");
}
super();
this._target = target;