Hey,
I'm implementing Web eID and after troubleshooting why the browser extension kept throwing NativeFatalError: Technical error, see application logs, I finally discovered the native component (this project) hard-codes the requirement for HTTPS —
|
void CertificateReader::validateAndStoreOrigin(const QVariantMap& arguments) |
Could there be a configuration setting to relax that requirement for development, or at the very least, honor the so-called secure context classification the frontend web-eid.js relies on (window.isSecureContext)? The latter classifies localhost as a secure context and at least that can be proxied from the eID machine to the webapp machine. Of course that's a waste of development time, too, but at least it's a workaround.
I test drive the Estonian ID-card software on a virtual machine with the actual app server running in another virtual machine. Requiring HTTPS for development is just unnecessary fiddling with proxying for no benefit whatsoever.
Thanks!
Hey,
I'm implementing Web eID and after troubleshooting why the browser extension kept throwing
NativeFatalError: Technical error, see application logs, I finally discovered the native component (this project) hard-codes the requirement for HTTPS —web-eid-app/src/controller/command-handlers/certificatereader.cpp
Line 142 in 9c5f9ff
Could there be a configuration setting to relax that requirement for development, or at the very least, honor the so-called secure context classification the frontend web-eid.js relies on (
window.isSecureContext)? The latter classifies localhost as a secure context and at least that can be proxied from the eID machine to the webapp machine. Of course that's a waste of development time, too, but at least it's a workaround.I test drive the Estonian ID-card software on a virtual machine with the actual app server running in another virtual machine. Requiring HTTPS for development is just unnecessary fiddling with proxying for no benefit whatsoever.
Thanks!