jellyfish icon indicating copy to clipboard operation
jellyfish copied to clipboard

Published 20 hours ago verified publisher icon admc

Support HTTPS

Open peterbraden opened this issue 13 years ago • 3 comments

Creating a tracking ticket so I can keep all the research and planning related to this in one place.

Jellyfish currently doesn't support HTTPS, and a good stopgap until we get it working is to just let https traffic pass through. At the moment we seem to be closing https requests with an empty response (Chrome: Error 324 (net::ERR_EMPTY_RESPONSE))

To support HTTPS we need to address: - Certs. Jellyfish is essentially a man in the middle attack, so we need to self sign each host the proxy deals with and have a mechanism for the browser to accept the cert.

- Adding the https server port to each browser setup vars.

peterbraden avatar Apr 29 '11 22:04 peterbraden

+1

brianstarke avatar Jan 23 '12 21:01 brianstarke

This issue is a big one - which is why I think it should even be mentioned in the README till HTTPS is supported. Its the only reason why I'm not even looking at this library at the moment.

MarcWeber avatar Nov 05 '12 01:11 MarcWeber

Well - you can still run everything behind a apache/nginx proxy, right? So you can still secure your web application easily..

MarcWeber avatar Nov 05 '12 01:11 MarcWeber