Currently I am writing a small firefox extension that should check if the current page has either a ca signed SSL certificate, a self-signed certificate or is not protected at all. For the last case I can use "content.document.location.protocol" and check it for https, but for the difference between ca and self-signed I could not find any solution.
EDIT:
After some research I found this site now: https://developer.mozilla.org/en-US/docs/How_to_check_the_security_state_of_an_XMLHTTPRequest_over_SSL
But somehow this does not work or more exactly it does not work correctly, I used the script with the following sites:
test(" https://www.pcwebshop.co.uk/ ");
test(" https://tv.eurosport.com/ ");
The certs are definitely not secure (expired and for another location), but the script shows that the sites are secure ("Security state: secure", and that even when the date of the shown output is expired).
Anyone knows what's the issue?
Now I found a solution to my problem, in case anyone else got the problem, I did the following:
const cc = Components.classes;
const ci = Components.interfaces;
const gb = window.getBrowser();
var currentBrowser = gb.selectedBrowser;
var ui = currentBrowser.securityUI;
verifiedSSL = (ui.state & ci.nsIWebProgressListener.STATE_IS_SECURE);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.