开发者

how to by pass following error in Firefox extension "server does not support RFC 5746"

I am developing a FireFox extension when I do xhr to the Secure server , particularly POST a data it gives a status 500, and following mesage: 开发者_StackOverflow

onsip.highrisehq.com : server does not support RFC 5746, see CVE-2009-3555

How can I by pass by It? I assume that this is because of the Server misconfiguration, but I can't wait till someone from 37 signal will fix it. thanks for your help


Well - "see CVE-2009-3555". Basically it's a server side vulnerability which might allow to compromise a TLS/SSL session.

I'm not sure there's anything you can do on the client side to resolve this, until 37signals update their servers.


This is sort of a hack, but another option (instead of the XHR request) is a "hidden" (1px by 1px) IFRAME. It's not pretty, but I've used it in situations where I had (different) problems with the XHR route (and there might even be a way to hide it entirely, but the 1px/1px works for me so I've never bothered to try anything else).

Just change the frame's src attribute to "make a request", then view it's document to read the "response".

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜