Javascript 检测浏览器 TLS 兼容性
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/30991911/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Detect browser TLS compatibility
提问by Aamir
We have a SSL website where the host has recently disabled older SSL protocols like TLS 1.0 and below. Depending on the browser, the site visitor gets a blank page or a cryptic error message when they visit the site if the browser they are using does not support at least TLS 1.1.
我们有一个 SSL 网站,该网站的主机最近禁用了旧的 SSL 协议,如 TLS 1.0 及更低版本。根据浏览器的不同,如果他们使用的浏览器至少不支持 TLS 1.1,那么站点访问者在访问站点时会收到空白页面或神秘的错误消息。
I was hoping to create a landing page that is not on the SSL port and where I can detect the browser capability if it supports TLS 1.1 and above. If it doesn't then I want to show them a friendly message to upgrade their browser or use a different browser.
我希望创建一个不在 SSL 端口上的登录页面,如果它支持 TLS 1.1 及更高版本,我可以在其中检测浏览器功能。如果没有,那么我想向他们显示一条友好的消息以升级他们的浏览器或使用其他浏览器。
Is this something that can be accomplished using client side javascript library? If so, then what should I be using.
这是可以使用客户端 javascript 库来完成的吗?如果是这样,那么我应该使用什么。
Thanks.
谢谢。
回答by Oriol
You can use the APIprovided by How's my SSL?.
您可以使用How's my SSL?提供的 API 。.
In the following example, I check the tls_version. Checking given_cipher_suitesmay also be a good idea.
在以下示例中,我检查了tls_version. 检查given_cipher_suites也可能是一个好主意。
<script>
window.parseTLSinfo = function(data) {
var version = data.tls_version.split(' ');
console.log(
version[0] != 'TLS' || version[1] < 1.2
? 'So bad! Your browser only supports ' + data.tls_version + '. Please upgrade to a browser with TLS 1.2 support.'
: 'All OK. Your browser supports ' + data.tls_version + '.'
);
console.log(data);
};
</script>
<script src="https://www.howsmyssl.com/a/check?callback=parseTLSinfo"></script>回答by Ady
Here is a way Create a image with jQuery, and add a src attribute, I use a button from PayPal, now all the request to PayPal must via TSL1.2 Hope this can work
这是一种使用 jQuery 创建图像并添加 src 属性的方法,我使用 PayPal 的按钮,现在所有对 PayPal 的请求都必须通过 TSL1.2 希望这可以工作
jQuery('<img />').on({
load: function() {
console.log("support TSL1.2");
},
error: function() {
console.log('no support TSL1.2');
}
}).attr('src','https://www.paypal.com/en_US/i/btn/btn_xpressCheckout.gif');
回答by KatonahMike
There are at least two web sites that will check the browser capabilities for you, including SSL Labs (https://www.ssllabs.com/ssltest/viewMyClient.html) and HowsMySSL (https://www.howsmyssl.com/). HowsMySSL also has a nice API that can be easily checked from JavaScript.
至少有两个网站可以为您检查浏览器功能,包括 SSL Labs ( https://www.ssllabs.com/ssltest/viewMyClient.html) 和 HowsMySSL ( https://www.howsmyssl.com/) . HowsMySSL 也有一个很好的 API,可以很容易地从 JavaScript 中检查。
回答by alon
Indeed, you cannot check the TLS version. I had to load a script from a site which only supports TLS 1.2 (as opposed to my page). Using the simple HTML script tag would not give you any clue that the script was not loaded. As a result I ended up using following script to load JS from a different domain: ?
实际上,您无法检查 TLS 版本。我必须从仅支持 TLS 1.2 的站点(而不是我的页面)加载脚本。使用简单的 HTML 脚本标记不会为您提供脚本未加载的任何线索。结果我最终使用以下脚本从不同的域加载 JS:
$.ajaxSetup({'cache':true});
$.getScript('{scriptUrl}').done(function(){
alert("done");
}).fail(function( jqxhr, settings, exception ) {
alert(jqxhr.status);
alert(jqxhr.responseText);
alert(exception);
});
?
?
In case of TLS problems the jqxhr.status will be 404 so you can display a message to the user.
如果出现 TLS 问题,jqxhr.status 将为 404,因此您可以向用户显示一条消息。
回答by GoldPaintedLemons
Small note; code aside I think folks should be aware if you're presenting your end user with an error message regarding this, you should understand that TLS versions on not just a browser restriction, but essentially OS level. You have to have it enabled on your machine andyour browser must support it. You can be on the latest chrome, but if in Internet Settings (on Windows) it's been disabled, you'll still have a TLS negotiation issue.
小纸条;撇开代码不谈,我认为人们应该知道,如果您向最终用户显示有关此的错误消息,您应该了解 TLS 版本不仅是浏览器限制,而且主要是操作系统级别。您必须在您的机器上启用它,并且您的浏览器必须支持它。您可以使用最新的 chrome,但如果在 Internet 设置(在 Windows 上)中它已被禁用,您仍然会遇到 TLS 协商问题。
