Changes between Version 2 and Version 3 of doc/PluggableTransports/FlashProxy/FAQ


Ignore:
Timestamp:
Dec 21, 2016, 7:06:11 AM (2 years ago)
Author:
dcf
Comment:

Fix markup. The '' in the demonstration link was being interpreted as italics to the end of the line.

Legend:

Unmodified
Added
Removed
Modified
  • doc/PluggableTransports/FlashProxy/FAQ

    v2 v3  
    1313The link without `http` or `https` is sometimes called a scheme-relative or [http://paulirish.com/2010/the-protocol-relative-url/ protocol-relative URL]. It means that if the linking page uses plain HTTP, the URL will also use plain HTTP; and if the linking page uses HTTPS, the URL also uses HTTPS.
    1414
    15 Wouldn't it be better to always use HTTPS? Yes, except that for technical reasons '''the proxy badge does not work when the enclosing page uses HTTPS'''. This is because pages using HTTPS are not allowed to make unencrypted WebSocket connections. If you are looking at the page '''https'''://crypto.stanford.edu/flashproxy/, the badge will appear to be running, but it will in fact be non-functional, incapable of making any WebSocket connections. The reason we must make unencrypted WebSocket connections is that we are connecting to clients who don't have CA-issued certificates.
     15Wouldn't it be better to always use HTTPS? Yes, except that for technical reasons '''the proxy badge does not work when the enclosing page uses HTTPS'''. This is because pages using HTTPS are not allowed to make unencrypted WebSocket connections. If you are looking at the page '''https''':!//crypto.stanford.edu/flashproxy/, the badge will appear to be running, but it will in fact be non-functional, incapable of making any WebSocket connections. The reason we must make unencrypted WebSocket connections is that we are connecting to clients who don't have CA-issued certificates.
    1616
    1717Then why not always use HTTP? If we did this, it would cause [https://developer.mozilla.org/en-US/docs/Security/MixedContent mixed-content warnings] for embedding sites that use HTTPS. To avoid breaking those sites, the badge appears, it just doesn't work. Please let us know if you have a nicer solution to this problem.