科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>javascript - how to by pass following error in Firefox extension "server does not support RFC 5746" - Stack Ov

    javascript - how to by pass following error in Firefox extension "server does not support RFC 5746" - Stack Ov

    programmeradmin4浏览0评论

    I am developing a FireFox extension when I do xhr to the Secure server , particularly POST a data it gives a status 500, and following mesage:

    onsip.highrisehq : server does not support RFC 5746, see CVE-2009-3555

    How can I by pass by It? I assume that this is because of the Server misconfiguration, but I can't wait till someone from 37 signal will fix it. thanks for your help

    I am developing a FireFox extension when I do xhr to the Secure server , particularly POST a data it gives a status 500, and following mesage:

    onsip.highrisehq. : server does not support RFC 5746, see CVE-2009-3555

    How can I by pass by It? I assume that this is because of the Server misconfiguration, but I can't wait till someone from 37 signal will fix it. thanks for your help

    • javascript
    • firefox
    • firefox-addon
    • xmlhttprequest
    Share Improve this question asked Aug 26, 2010 at 12:56 simplesimple 1,0914 gold badges15 silver badges32 bronze badges 4
    • Same problem, in my case, with a standalone Xulrunner application, when trying to access mail.yahoo.. – Student Commented Nov 3, 2010 at 17:14
    • concerning the issue , it turned out to be just warning if you inspect the requests, they should go just fine – simple Commented Nov 4, 2010 at 6:20
    • Yes, the message here shows as a info message, not an error. Still, the page is not loaded. – Student Commented Nov 4, 2010 at 13:44
    • Try to see the requests i/o , in my case I could see it with a help of firefox - "httpfox" addon – simple Commented Nov 5, 2010 at 14:11
    Add a ment  | 

    2 Answers 2

    Reset to default 2

    Well - "see CVE-2009-3555". Basically it's a server side vulnerability which might allow to promise a TLS/SSL session.

    I'm not sure there's anything you can do on the client side to resolve this, until 37signals update their servers.

    This is sort of a hack, but another option (instead of the XHR request) is a "hidden" (1px by 1px) IFRAME. It's not pretty, but I've used it in situations where I had (different) problems with the XHR route (and there might even be a way to hide it entirely, but the 1px/1px works for me so I've never bothered to try anything else).

    Just change the frame's src attribute to "make a request", then view it's document to read the "response".

    继续浏览有关 的文章

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论