I am using the grunt-accessibility plugins to automate the reporting for accessibility
errors. It works fine for normally, but when I try it on a site which has a self signed certificate
(the kind which shows an interim
page with some certificate security warning and a link to continue to the site if you still wish to), it reports the error on that interim
page itself which is, of course an empty page:
<html>
<head></head>
<body></body>
</html>
Obviously I want to bypass this interim page and run accessibility
on the actual page.
What I was trying?
I had tried the following (found from googling and from other SO's
Q&A):
The infamous hack
npm set strict-ssl false
Adding the imported certification path
npm config set cafile="C:\\path\\to\\cert.cer"
Adding process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"
(see Grunfile
below)
From what I gather, grunt-accessibility
uses AccessSniff
which in turn uses phantomjs
. Now, phantomjs
has options to ignore such warnings by
--ignore-ssl-errors=[true|false]
ignores SSL errors, such as expired or self-signed certificate errors (default is false).
Above is the CLI options, which I am not able to pass from Grunfile.js
. Can someone help me resolve or suggest another approach for the issue.
This is my Gruntfile.js:
module.exports = grunt => {
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
grunt.initConfig({
phantomjs: {
// default: {
options: {
"ignore-ssl-errors": true,
// tested here with different instructions as per comments
// below from users on this site, such as
// "--ignore-ssl-errors": true (-- hyphen)
// "ignore-ssl-errors": "true" ("true" as string)
"ssl-protocol": "any",
"ssl-certificates-path": "C:/path/to/cert.cer"
}
// }
},
accessibility: {
options: {
force: true,
accessibilityLevel: 'WCAG2AAA',
browser: true // tested with both true/false, i.e. opt for phantomjs/jsDom
},
test: {
options: {
urls: ['https://self-signed.badssl.com/']
},
src: ['example/test.html']
}
}
});
grunt.loadNpmTasks('grunt-accessibility');
grunt.registerTask('default', ['accessibility']);
};
PS:
test url is an actual self-signed ssl site, so you can copy/paste the above code and test it
only dependencies in package.json
"devDependencies": { "grunt": "^1.0.1", "grunt-accessibility": "^5.0.0" }
node version v.8.9.0
I don't think you can directly affect how PhantomJS is called from within another Grunt plugin within your own Gruntfile .
If I'm not mistaken, the only solution is to either commit a change to the grunt-accessibility package that passes an ignore-ssl-errors
option (in the the options you pass to grunt-accessibility) upstream to PhantomJS; or to intercept the call to PhantomJS and inject the ignore-ssl-errors
option.
I think the second solution will be the quickest and most expedient. You'd have to either manually modify the entry point (either node_modules/.bin/phantomjs
or node_modules/phantomjs/index.js
) or write a pre-run script that would modify it. In the modified .js file, you'd inject the ignore-ssl-errors
by adding code to the top of the file that appends it to the process.argv
array:
process.argv.push("--ignore-ssl-errors=true");
I always use the strict-ssl command but with a small difference.
Try to insert a config in your command
There will be like npm config set strict-ssl false
Hope this help you.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.