PloneFlashUpload barfs on ssl

classic Classic list List threaded Threaded
3 messages Options
Alan Milligan Alan Milligan
Reply | Threaded
Open this post in threaded view
|

PloneFlashUpload barfs on ssl

Hi,

Frustratingly the PloneFlashUpload issue tracker redirects to p4a.  I
don't know how many projects I'm expected to sign up to to actually log
a ticket against something in the collective so I'm just going to post
here.

The aforementioned product, both version 1.1 and the new 1.2rc
completely fail to post to https urls.

They each work brilliantly in http postings, both directly to Zope and
via Apache.  However, no https uploads work.  This is rather
unfortunate, because unlike http, I cannot sniff the offending traffic.

If someone who knows more about Flash (or PloneFlashUpload) than I can
share any observations, that would be great.  I am more than willing to
post logs in excruciating detail to resolve this.

Alan

_______________________________________________
Product-Developers mailing list
[hidden email]
http://lists.plone.org/mailman/listinfo/product-developers
dunny dunny
Reply | Threaded
Open this post in threaded view
|

Re: PloneFlashUpload barfs on ssl

On Wed, Jan 21, 2009 at 1:19 AM, Alan Milligan <[hidden email]> wrote:

> Hi,
>
> Frustratingly the PloneFlashUpload issue tracker redirects to p4a.  I don't
> know how many projects I'm expected to sign up to to actually log a ticket
> against something in the collective so I'm just going to post here.
>
> The aforementioned product, both version 1.1 and the new 1.2rc completely
> fail to post to https urls.
>
> They each work brilliantly in http postings, both directly to Zope and via
> Apache.  However, no https uploads work.  This is rather unfortunate,
> because unlike http, I cannot sniff the offending traffic.
>
> If someone who knows more about Flash (or PloneFlashUpload) than I can share
> any observations, that would be great.  I am more than willing to post logs
> in excruciating detail to resolve this.

The HTTP(S) transaction for the upload is performed by Flash rather
than by the host browser of the plugin. It looks like Flash has its
own interpretation (rather than matching the browsers interpretation)
about what is a valid HTTPS certificate. For example self signed
certificates are not valid. See
http://swfupload.org/forum/generaldiscussion/347

--
Michael Dunstan

_______________________________________________
Product-Developers mailing list
[hidden email]
http://lists.plone.org/mailman/listinfo/product-developers
Alan Milligan Alan Milligan
Reply | Threaded
Open this post in threaded view
|

Re: PloneFlashUpload barfs on ssl

Michael Dunstan wrote:

> On Wed, Jan 21, 2009 at 1:19 AM, Alan Milligan <[hidden email]> wrote:
>  
>> Hi,
>>
>> Frustratingly the PloneFlashUpload issue tracker redirects to p4a.  I don't
>> know how many projects I'm expected to sign up to to actually log a ticket
>> against something in the collective so I'm just going to post here.
>>
>> The aforementioned product, both version 1.1 and the new 1.2rc completely
>> fail to post to https urls.
>>
>> They each work brilliantly in http postings, both directly to Zope and via
>> Apache.  However, no https uploads work.  This is rather unfortunate,
>> because unlike http, I cannot sniff the offending traffic.
>>
>> If someone who knows more about Flash (or PloneFlashUpload) than I can share
>> any observations, that would be great.  I am more than willing to post logs
>> in excruciating detail to resolve this.
>>    
>
> The HTTP(S) transaction for the upload is performed by Flash rather
> than by the host browser of the plugin. It looks like Flash has its
> own interpretation (rather than matching the browsers interpretation)
> about what is a valid HTTPS certificate. For example self signed
> certificates are not valid. See
> http://swfupload.org/forum/generaldiscussion/347
>
>  
Michael, thank you for that piece of wisdom - I'd suspected HTTP_REFERER
or suchlike but not being able to disect swf hoped somebody would have
some ideas.

Cheers, Alan



_______________________________________________
Product-Developers mailing list
[hidden email]
http://lists.plone.org/mailman/listinfo/product-developers