Vulnerable to Freak Attack #30
Comments
|
See this as a reference: https://together.jolla.com/question/85049/sailfish-freaked-out/ |
|
@llelectronics About qtwebkit not supporting it, if you test with https://cve.freakattack.com the stock browser refuses the connection (invalid server key, i'm aware stock is gecko), my desktop chrome does the same. Webpirate allows the unsecure key. |
|
I know this issue but I can't do anything atm. I don't know when Jolla release Qt >= 5.4 on Sailfish, so this week I have worked on an experimental version of WebPirate which uses Blink instead of the obsolete/buggy QtWebKit. I have (almost) successfully ported the Chromium Embedded Framework (https://code.google.com/p/chromiumembedded/) on Qt/QML. CEF uses Chromium 42 code base, it's updated and faster, and a very good alternative to QtWebKit. |
|
Yeah same as webcat. @Dax89 : Great news that you are working on chromiumembedded. That will bring in lots of cool new stuff and speed. I personally believe Qt 5.4 will be part of the SailfishOS 2.0 update coming in June. |
|
Thanks to you both for creating an alternative browser for sailfish. Keep up your great work. |
|
@llelectronics I will upload the porting here on GitHub when it starts to become usable, so we can benefit both :) |
|
This is the repository containing my work done with Chromium Embedded (currently based on Chromium 42): https://github.com/Dax89/QtCEF I'm giving priority on QtQuick implementation (the QWidget part is stubbed), I'm able to render web pages and playing HTML5 videos without issues (the rendering part needs a rewrite, but is low priority atm). This is the result using the example contained in the repository: A lot of work still needs to be done :) |
|
Cool, very nice |
|
POODLE & others too. https://www.ssllabs.com/ssltest/viewMyClient.html :( |
Webprirate is vulnerable to the Freak attack. See: https://freakattack.com/
Stock browser is safe.
The text was updated successfully, but these errors were encountered: