Determining SSL Authenticity
Dave Cragg
dcragg at lacscentre.co.uk
Wed Jan 3 06:43:53 EST 2007
On 3 Jan 2007, at 04:11, Derek Bump wrote:
> Andre,
>
> Thank you so much for your response. I'm afraid I was a little
> unclear as to my intentions. I am implementing altBrowser into one
> of my projects, and unfortunately, altBrowser does not return
> whether IE knows if the server is secure. I'm looking for a way
> of determining this within Revolution so I can display that on the
> screen.
I don't know much about the workings of altBrowser, but one possible
(and clunky) way would be to check the url from Rev first before
having altBrowser display the page.
put "https://whatever.com/path" into tTestUrl
get url tTestUrl
if the result <> empty then
## no good
else
## OK so ask altBrowser to display the url
end if
Or, probably quicker, use the "open secure socket" command to just
the server:
open secure socket to "whatever.com" with message "openedOK"
on openedOK pSocket
close socket pSocket
## ask altBroswer to display the url
end openedOK
on socketError pSocket, pErrString
## no good
end socketError
One problem is that a failure to get the url or open the socket
doesn't necessarily mean the certificate is not secure. You'd have to
examine either "the result" from the url call, or pErrString in the
socketError handler to be sure.
I haven't tried either approach, so be sure to confirm that they do
what you want before trusting in them.
Cheers
Dave
More information about the use-livecode
mailing list