Home Explore Help
Sign In
csh
/
y.st.
forked from y.st./y.st.
Watch 1
Star 0
Fork 0
Files
Branch: master
Branches Tags
y.st.
/
source
/
pages
/
en
/
weblog
/
2016
/
03-March
/
13.xhtml

13.xhtml 6.1 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * <https://y.st./>
    4. 

  4.  * Copyright © 2016 Alex Yst <mailto:copyright@y.st>
    5. 

  5.  * 
    6. 

  6.  * This program is free software: you can redistribute it and/or modify
    7. 

  7.  * it under the terms of the GNU General Public License as published by
    8. 

  8.  * the Free Software Foundation, either version 3 of the License, or
    9. 

  9.  * (at your option) any later version.
    10. 

  10.  * 
    11. 

  11.  * This program is distributed in the hope that it will be useful,
    12. 

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    14. 

  14.  * GNU General Public License for more details.
    15. 

  15.  * 
    16. 

  16.  * You should have received a copy of the GNU General Public License
    17. 

  17.  * along with this program. If not, see <https://www.gnu.org./licenses/>.
    18. 

  18. **/
    19. 

  19. 

  20. $xhtml = array(
    21. 

  21. 	'title' => 'Webkit isn&apos;t the problem',
    22. 

  22. 	'body' => <<<END
    23. 

  23. <p>
    24. 

  24. 	I checked in on the <a href="https://codereview.qt-project.org/#/c/152150/">Qt pull request</a> and found that it has been merged! If <a href="apt:arora">Arora</a> doesn&apos;t have it&apos;s own $a[SNI] bug, Arora is now fixed.
    25. 

  25. 	Additionally, the <a href="https://bugzilla.gnome.org/show_bug.cgi?id=763510">$a[GNOME] bug report</a> has been changed again, this time to reflect that the bug is in glib and that it relates to networking in an unspecified version.
    26. 

  26. 	People are actually looking at it and passing it to the developers of the particular subproject so that it can actually get fixed.
    27. 

  27. 	This is better than I dared hope for! With a little luck, maybe the <a href="https://bugs.webkit.org/show_bug.cgi?id=155378">Webkit bug</a> will be taken seriously as well.
    28. 

  28. 	However, while I was out, I saw that the Webkit people are saying that the &quot;host name/$a[SNI] mismatch&quot; error thrown by the server is caused by the fact that Webkit is sending the correct $a[HTTP] Host header and correct $a[SNI] host name, and because one has a trailing dot and the other does not, they don&apos;t match.
    29. 

  29. 	As I&apos;ve tested what happens when you send the correct $a[SNI] host name and correct $a[HTTP] Host header, I knew that this isn&apos;t the case.
    30. 

  30. 	I was under the impression that the &quot;mismatch&quot; was that the two didn&apos;t correspond with one another because the trailing dot $a[SNI] host name doesn&apos;t correspond with <strong>*any*</strong> $a[HTTP] Host header, as it&apos;s invalid.
    31. 

  31. 	I thought that I&apos;d have to set up my own $a[HTTP] server that the Webkit people could access, which would be a breach of my $a[ISP]&apos;s terms of service.
    32. 

  32. 	With my own Web server, I might be able to nudge my server into providing access to my Web application by using a couple lines of code in a $a[PHP]-based 400 error page.
    33. 

  33. 	After running into a strange error in Iceweasel that prevented me from loading the $a[SNI] testing page (Iceweasel refused to allow me to accept the &quot;invalid&quot; certificate), I tried a subdomain of the main testing page because the certificate specifically mentioned being valid for two subdomains.
    34. 

  34. 	Much to my surprise, I found that not only did the new page not set off Iceweasel&apos;s anti-$a[TLS] error, it also didn&apos;t set of the server&apos;s error, despite the fact that the Web browser was still sending a malformed $a[SNI] host name.
    35. 

  35. 	Using this to my advantage, I was able to show the show the Webkit people the malformed $a[SNI] host name sant by Web browsers using their software.
    36. 

  36. 	By the end of the night, they did understand the problem.
    37. 

  37. 	However, they say that the bug isn&apos;t in Webkit, but somewhere else.
    38. 

  38. 	The person I spoke with confirmed that the error is in Safari (which I couldn&apos;t test myself), Chrome (Which I assumed had the error because <a href="apt:chromium">Chromium</a> does), and <a href="apt:iceweasel">Firefox</a> (which I already reported the bug in).
    39. 

  39. 	He said he&apos;d pass the information on to Apple so that they can fix Safari, which should lead to one more Web browser being fixed.
    40. 

  40. 	However, it means that I still need to figure out who to report the problem in <a href="apt:surf">Surf</a> to.
    41. 

  41. </p>
    42. 

  42. <p>
    43. 

  43. 	Speaking of playing games with the 400 error page, I found that I can display an actual page on my choosing in place of the default 400 error page, though doing so is less intuitive than I&apos;d like.
    44. 

  44. 	It might be possible to write a tricky 400 error page that checks to see if the cause of the error is a malformed $a[SNI] host name, and if it is, return the page that would have otherwise been returned if the $a[SNI] host name wans&apos;t present or was correct.
    45. 

  45. 	I might use this for a Web-based game if I have time to build it.
    46. 

  46. 	People that are running reasonable Web browsers might get a bonus while those running unreasonable Web browsers might get an inverse bonus and be presented with a link to an explanation.
    47. 

  47. 	The explanation would provide links to the bug reports on known Web browsers and invite the user to either pressure the developers into fixing them, file their own bug report against an unlisted Web browser, or switch to a known-working Web browser.
    48. 

  48. </p>
    49. 

  49. <p>
    50. 

  50. 	I spent most of the day in Springfield, trying to remove a broken faucet to replace it with one that might work.
    51. 

  51. 	However, most likely due to heavy corrosion, I wans&apos;t able to fully remove it.
    52. 

  52. 	I&apos;m not sure what we&apos;re going to have to do about it.
    53. 

  53. </p>
    54. 

  54. <p>
    55. 

  55. 	On the way home, I was thinking about moss and wondering if it&apos;s harmful to the trees it grows on.
    56. 

  56. 	I thought that I recalled hearing that moss doesn&apos;t sap the nutrients out of trees, but the roots of the moss digging into the tree had to be doing damage.
    57. 

  57. 	And if the moss is digging into the tree, why doesn&apos;t the tree&apos;s immune system fight off the moss? I looked it up on the way back, and it turns out that <a href="http://1800cuttree.com/content/moss-bad-trees">moss isn&apos;t in fact harmful to most trees</a> and isn&apos;t a parasite.
    58. 

  58. 	While moss does produce threadlike structures that help it hold onto the tree, it has no roots and doesn&apos;t actually dig into the tree.
    59. 

  59. 	This probably explains why moss can grow so well on stones too.
    60. 

  60. 	The biggest threat that moss poses to trees seems to be its weight.
    61. 

  61. 	If a particularly weakened and/or old tree has too much damp moss on it, it might not be able to support it all and that could lead to breaking.
    62. 

  62. </p>
    63. 

  63. END
    64. 

  64. );
    65. 

  65.