• DHTML with https
    9 replies, posted
Hi there I have a DHTML element that has worked perfectly up until now. I just changed our servers to HTTPS and now the css elements won't resolve regardless of what url I put. Does garrysmod not support https or am I doing something wrong? Thanks
Pretty sure it does as I use my DRM system with a HTTPS server using POST and that works fine iirc
I got a whole forum running fine with HTTPS URLs, maybe the browser wont allow the CSS because its cross-references, to protect the user? Try seeing when opening the url in your browser(Like chrome) if it shows the GREEN HTTPS lock instead of something yellow or so.
We've got a green lock, the website in question is [url]https://streetwarsrp.com/[/url]. We do, however, have a few minor warning saying that we have un-protected content as the GameTracker banners are http content (as their cache does not support HTTPS).
their cache supports HTTPS, i got it myself too, you gotta change the url. [B][url]https://www.gametracker.com/server_info/BANNERSETTINGS[/url][/B] aka remove the [B]cache.[/B]
[QUOTE=whitestar;51223797]their cache supports HTTPS, i got it myself too, you gotta change the url. [B][url]https://www.gametracker.com/server_info/BANNERSETTINGS[/url][/B] aka remove the [B]cache.[/B][/QUOTE] So what you're saying is that their cache does not support HTTPS :P? We're now querying their live site and not the cache. Not that I mind, thats what they get for not allowing HTTPS on their cache sub-domain I guess.
[QUOTE=maldark;51225926]So what you're saying is that their cache does not support HTTPS :P? We're now querying their live site and not the cache. Not that I mind, thats what they get for not allowing HTTPS on their cache sub-domain I guess.[/QUOTE] Yeah, but who cares these days? They get enough money with their ads so they can pay the bandwidth, if they dont want HTTPS caching :p
So I've tried to make this work again, and without luck. If I load a part of my website that runs HTTPS it simply returns a blank panel whereas when I load a HTTP page it shows the actual page. Any ideas of why this is happening? The code in question is: [code] local Panel = vgui.Create("DPanel") Panel :SetSize(ScrW() - 60, ScrH() - 80) local PanelFrame = vgui.Create( "HTML", Panel ) PanelFrame:SetSize( ScrW() - 70, ScrH() - 180) PanelFrame:OpenURL("https://streetwarsrp.com") [/code] But as mentioned the [code] PanelFrame:OpenURL("http://streetwarsrp.com/garrysmod") [/code] does indeed load as the garrysmod folder is not https.
I believe the issue could be the security settings that I have put on my website. I had disabled both TLS 1.1, TLS 1.0, SSL 3 and SSL 2, but when scanning the [url=http://wiki.garrysmod.com/page/Category:HTML]HTML[/url] elements SSL capabilities I discovered that it only supported SSL3 (!) and TLS 1.0. The tool I used for scanning this was the tool provided at [url=https://www.ssllabs.com/ssltest/viewMyClient.html]SSL LABS[/url] Does anyone know what browser this implementation is based on, and also why it is so outdated? I have tried enabling TLS 1.0 now, but am still unable to access [url]https://streetwarsrp.com[/url]. All I get is [url=http://image.prntscr.com/image/1b3af7c48c2a44e7a7cbe87859e498d6.png]this[/url] - a blank write screen. If I attempt to visit a site such as [url]https://eu.battle.net/login/en/[/url] or [url]https://www.ssllabs.com[/url] it works just fine though... Any ideas? [editline]6th November 2016[/editline] After a lot of fiddling around I have gotten it working by disabling some ciphers. I basically mirrored what Battle.Net uses except the 3DES ciphers. If anyone else in the future may run into a similar problem, these are the ciphers I ended up having enabled (along with TLS 1.0, 1.1 and 1.2): [code] TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c) TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) TLS_RSA_WITH_AES_256_CBC_SHA (0x35) [/code] Configured with the following SSLCipherSuite (from the options-ssl-apache.conf file) [code] ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:!DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:!DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:!DHE-RSA-AES128-SHA256:!DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:!DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:!DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:!CAMELLIA:!DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA [/code]
If you want the root cause of this issue to be solved, spam [url=https://facepunch.com/showthread.php?p=51209827#post51209827]this post[/url] in the the thread it's in. Just reply to it asking when it'll happen.
Sorry, you need to Log In to post a reply to this thread.