social-auth-kivy icon indicating copy to clipboard operation
social-auth-kivy copied to clipboard

Published 20 hours ago verified publisher icon shashi278

Unable to establish a secure connection

Open HeaTTheatR opened this issue 3 years ago • 4 comments

Unable to establish a secure connection Attackers may try to steal your data from the 127.0.0.1 website (for example, passwords, messages, or bank card numbers).

https://user-images.githubusercontent.com/16930280/112735234-b36d1b00-8f5b-11eb-8b46-a539e6d64f57.mov

HeaTTheatR avatar Mar 27 '21 21:03 HeaTTheatR

That's expected behavior for now because the server is running locally and using 'self-signed' certs which browsers don't really trust upon because they only trust on certificates signed by a trusted CA(Certificate Authority).

So, since it's running locally(localhost), it's totally safe because any traffic sent to localhost is guaranteed not to leave your machine, and so is considered automatically secure against network interception.

shashi278 avatar Mar 28 '21 08:03 shashi278

@shashi278 This can hardly be explained to the user who will be using the application built with this library. This is a big problem at the moment.

HeaTTheatR avatar Mar 28 '21 08:03 HeaTTheatR

@shashi278 I think the issue could be solved by not calling that endpoint. You could just prepare the google login page URL for your app and open it where the call was made to the local server because all that endpoint is doing is creating the link and redirecting to that created link.

richkode avatar Feb 07 '23 19:02 richkode

@richkode I'll have to look into it to see if it can be achieved

shashi278 avatar Feb 18 '23 15:02 shashi278