Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Execution context warning #36

Open
wants to merge 7 commits into
base: main
Choose a base branch
from

Conversation

TeddyBear06
Copy link
Contributor

@TeddyBear06 TeddyBear06 commented Feb 8, 2023

Let summarize my proposal #36 in two parts as creator and secret does not meets the same requirements.

A - Concerning the creator:

Requires HTTPS at any time.

Message: Please host this tool on an HTTPS server (notice that some browsers are not happy with a self-signed certificate).

B - Concerning the secret:

Requires a "secure context" (given by the isSecureContext property).

Message: The current browser context is not considered "secure" and portable-secret won't work properly. Please open this secret from your local filesystem (file://) or from an HTTPS server.

Display a warning message if the current browser context is not considered as "secure".
creator/index.html Outdated Show resolved Hide resolved
creator/secret-template.html Outdated Show resolved Hide resolved
@TeddyBear06
Copy link
Contributor Author

@mluisbrown Thanks for the review.

The same context logic testing cannot be used on both creator and secret as creator need HTTPS at any time (due to fetch() method). I also removed the localhost notion because it's confusing and serving content over HTTPS needs to be recommended at any time.
@TeddyBear06 TeddyBear06 changed the title [DRAFT] Browser secure context warning Execution context warning Feb 9, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants