serial-port-json-server icon indicating copy to clipboard operation
serial-port-json-server copied to clipboard

Published 20 hours ago verified publisher icon johnlauer

Secure Websocket Issue

Open andreldc opened this issue 9 years ago • 6 comments

Hi, johnlauer!

Your Serial Port JSON Server is really amazing and worked fine for me on my testing environment, that uses HTTP. It happens that my final application uses HTTPS and modern browsers won't allow insecure websockets in a secure connection (https://codereview.chromium.org/248863003/).

I took a glance at the source code (even not knowing much about GO) and I think that SJPS don't accept secure sockets, right? If so, is there any hope for me?!

I was starting to write a javascript connector to make it easier to use. If you like, I can send you the code so you can share it along with the SPJS.

Thanks!

Andre Costa

andreldc avatar Jul 13 '15 16:07 andreldc

I'd love to see secure sockets support. I think you're going down a tough road as folks won't just be able to plug and play anymore, rather they'll have to create their private/public key pair and install it. I suggest you create a global one that everyone can use out of the box, but I bet you'll get folks complaining how insecure that is.

Take a look at this fork by the Arduino guys to see if you can borrow some of their wss:// code. It looks like they rolled back their changes for that, but maybe there's some gold nuggets for you. If you make these, I'd love a pull request so I can get them into the mainline.

-John

johnlauer avatar Jul 13 '15 16:07 johnlauer

I'd like to second this request. My app (https://grid.space/kiri) has to serve over https to be integrated into Onshape. But I deeply wish to send directly to the serial port server instead of tabbing out to another http app.

stewartoallen avatar Feb 16 '16 15:02 stewartoallen

Since the new Arduino Web IDE is based on SPJS, the Arduino team added SSL to SPJS. So, it may not be that bad to add SSL now. I am not sure if generating the certificates is hard, but their installer actually adds fake root certificates to your local browser. So, the cert could be the hardest part. You up for trying to integrate?

chilipeppr avatar Feb 16 '16 15:02 chilipeppr

Oops. Didn't mean to close.

chilipeppr avatar Feb 16 '16 15:02 chilipeppr

well, it was easy enough to setup stunnel to front the serial-port-json-server for wss:// and all is well now. sadly, I have no go skills to help out here.

stewartoallen avatar Feb 17 '16 05:02 stewartoallen

That sounds like a decent approach, but if you're trying to have lots of users install SPJS, that will cause lots of weirdness for them to setup.

johnlauer avatar Feb 17 '16 05:02 johnlauer