DHTML with https

Hi there

I have a DHTML element that has worked perfectly up until now. I just changed our servers to HTTPS and now the css elements won’t resolve regardless of what url I put. Does garrysmod not support https or am I doing something wrong?

Thanks

Pretty sure it does as I use my DRM system with a HTTPS server using POST and that works fine iirc

I got a whole forum running fine with HTTPS URLs, maybe the browser wont allow the CSS because its cross-references, to protect the user? Try seeing when opening the url in your browser(Like chrome) if it shows the GREEN HTTPS lock instead of something yellow or so.

We’ve got a green lock, the website in question is https://streetwarsrp.com/. We do, however, have a few minor warning saying that we have un-protected content as the GameTracker banners are http content (as their cache does not support HTTPS).

their cache supports HTTPS, i got it myself too, you gotta change the url. https://www.gametracker.com/server_info/BANNERSETTINGS aka remove the cache.

So what you’re saying is that their cache does not support HTTPS :P? We’re now querying their live site and not the cache. Not that I mind, thats what they get for not allowing HTTPS on their cache sub-domain I guess.

Yeah, but who cares these days? They get enough money with their ads so they can pay the bandwidth, if they dont want HTTPS caching :stuck_out_tongue:

So I’ve tried to make this work again, and without luck. If I load a part of my website that runs HTTPS it simply returns a blank panel whereas when I load a HTTP page it shows the actual page. Any ideas of why this is happening? The code in question is:



local Panel = vgui.Create("DPanel")
	Panel :SetSize(ScrW() - 60, ScrH() - 80)

local PanelFrame = vgui.Create( "HTML", Panel )
	PanelFrame:SetSize( ScrW() - 70, ScrH() - 180)
	PanelFrame:OpenURL("https://streetwarsrp.com")


But as mentioned the



PanelFrame:OpenURL("http://streetwarsrp.com/garrysmod")


does indeed load as the garrysmod folder is not https.

I believe the issue could be the security settings that I have put on my website. I had disabled both TLS 1.1, TLS 1.0, SSL 3 and SSL 2, but when scanning the HTML elements SSL capabilities I discovered that it only supported SSL3 (!) and TLS 1.0. The tool I used for scanning this was the tool provided at SSL LABS

Does anyone know what browser this implementation is based on, and also why it is so outdated?

I have tried enabling TLS 1.0 now, but am still unable to access https://streetwarsrp.com. All I get is this - a blank write screen. If I attempt to visit a site such as https://eu.battle.net/login/en/ or https://www.ssllabs.com it works just fine though… Any ideas?

[editline]6th November 2016[/editline]

After a lot of fiddling around I have gotten it working by disabling some ciphers. I basically mirrored what Battle.Net uses except the 3DES ciphers.

If anyone else in the future may run into a similar problem, these are the ciphers I ended up having enabled (along with TLS 1.0, 1.1 and 1.2):



TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c)
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d)
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)
TLS_RSA_WITH_AES_256_CBC_SHA (0x35)


Configured with the following SSLCipherSuite (from the options-ssl-apache.conf file)



ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:!DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:!DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:!DHE-RSA-AES128-SHA256:!DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:!DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:!DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:!CAMELLIA:!DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA


If you want the root cause of this issue to be solved, spam this post in the the thread it’s in. Just reply to it asking when it’ll happen.