Results 1 to 14 of 14
Like Tree7Likes
  • 3 Post By jonwise80
  • 2 Post By Herrie
  • 1 Post By dkirker
  • 1 Post By dkirker
  1.    #1  
    Qupzilla works pretty well on my TouchPad, I haven't got it working on my Pre3 yet, and its obviously a non-starter on my Pre+, so I've been thinking about another approach.

    There's a service called FiveFilters that I use on my webOS devices, to get actually useful RSS feeds (y'know, ones that have content, instead of links to content.) It works by following the "stub" links in an RSS feed, fetching the content, and assembling a new, more complete feed. They have very lightweight free version, a paid version, and an open source version you can run yourself if you can host a PHP web site/service somewhere (including say, on a Pi, within your home network.)

    So my thought is, couldn't we do the same thing with a regular old website? Write a service that fetches a given HTTPS url, and returns the content over HTTP? Obviously it wouldn't work for interactive links, websites with log-in, etc... But if you just want to read the content on a secure site, this should work -- right?

    With most browsers now dropping support for TLS 1.0 and 1.1 this year, and Google pushing hard for everyone to move to HTTPS, I'm thinking large portions of the WWW are going to be inaccessible to legacy webOS users pretty soon... I've got to come up with something.

    I'll give this a try. Another option might be a proxy server that strips HTTPS...
    MudShark22, elvispre and gazaud like this.
  2. Shuswap's Avatar
    Posts
    8 Posts
    Global Posts
    45 Global Posts
    #2  
    Quote Originally Posted by jonwise80 View Post
    Qupzilla works pretty well on my TouchPad, I haven't got it working on my Pre3 yet, and its obviously a non-starter on my Pre+, so I've been thinking about another approach.

    There's a service called FiveFilters that I use on my webOS devices, to get actually useful RSS feeds (y'know, ones that have content, instead of links to content.) It works by following the "stub" links in an RSS feed, fetching the content, and assembling a new, more complete feed. They have very lightweight free version, a paid version, and an open source version you can run yourself if you can host a PHP web site/service somewhere (including say, on a Pi, within your home network.)

    So my thought is, couldn't we do the same thing with a regular old website? Write a service that fetches a given HTTPS url, and returns the content over HTTP? Obviously it wouldn't work for interactive links, websites with log-in, etc... But if you just want to read the content on a secure site, this should work -- right?

    With most browsers now dropping support for TLS 1.0 and 1.1 this year, and Google pushing hard for everyone to move to HTTPS, I'm thinking large portions of the WWW are going to be inaccessible to legacy webOS users pretty soon... I've got to come up with something.

    I'll give this a try. Another option might be a proxy server that strips HTTPS...
    I've been thinking the same thing about some kind of intermediate server to render https sites for old devices.

    As for RSS feeds, I created this site to render Google News RSS feeds and "mobilize" them for old devices. NewsZ - Powered by Google News RSS Feeds

    Have a look. If you want the files, I can send you a zip.
  3. #3  
    Is this actually an issue? According to my stock browser, I'm viewing this site via https. As these base standards change slowly, is it possible that webOS supports fairly recent TLS standards? My assumption is that the stock browser struggles with modern Html & scripts.

    I use the feedspider app for RSS, using The old reader service (though a number of services are supported). That said, it tends to show article previews - depending on length. https://forums.webosnation.com/feeds...eder-fork.html
  4. #4  
    Things like github.com don't work, however other https sites DO work. So I suspect it's certain certificates or encryption that doesn't work. Anyone who might have some insight would be much appreciated.
    HP Veer (daily driver), HP Pre 3, HP Touchpad Proper 4G/LTE (Sierra MC7710), HP Touchpad 32GB WiFi, Palm Pre 2
  5. #5  
    Quote Originally Posted by Herrie View Post
    Things like github.com don't work, however other https sites DO work. So I suspect it's certain certificates or encryption that doesn't work. Anyone who might have some insight would be much appreciated.
    I still believe it has to do with the OpenSSL version that is installed on the device. The latest "official" for webOS is 0.9.8? If you check a site like forums.webosnation.com with SSL Labs and open the results page you will find somewhere at the end of the page a remark, that handshake simulation with OpenSSL 0.9.8 was successfull. A site like github.com has only success beginning with OpenSSL 1.0.1 at SSL Labs.

    So maybe the perfect solution might be to get a higher OpenSSL version?
  6. #6  
    Quote Originally Posted by Nafetz View Post
    I still believe it has to do with the OpenSSL version that is installed on the device. The latest "official" for webOS is 0.9.8? If you check a site like forums.webosnation.com with SSL Labs and open the results page you will find somewhere at the end of the page a remark, that handshake simulation with OpenSSL 0.9.8 was successfull. A site like github.com has only success beginning with OpenSSL 1.0.1 at SSL Labs.

    So maybe the perfect solution might be to get a higher OpenSSL version?
    The patches required are at https://github.com/tgaillar/OpenSSL-...ster/src/patch so it might not be that hard, but we'd need to see.
    HP Veer (daily driver), HP Pre 3, HP Touchpad Proper 4G/LTE (Sierra MC7710), HP Touchpad 32GB WiFi, Palm Pre 2
    Nafetz and gazaud like this.
  7.    #7  
    Quote Originally Posted by Herrie View Post
    So I suspect it's certain certificates or encryption that doesn't work. Anyone who might have some insight would be much appreciated.
    As I understand it, its older certificates that are OK -- newer ones are not. Google, Microsoft and Mozilla are all moving to render those older certificates un-supported, so more website will end up inaccessible.

    My crude HTTPS stripper is up. Unfortunately, since most sites use relative links, it has the side effect of stripping Scripts, CSS, and Images from the sites. However, if all you want is the text, it does actually do the trick.

    Try it out here:
    Code:
    http://dehttps.azurewebsites.net/?http://whatever-site-you-want.com
    This link will likely go away, so download and run it yourself if you want -- source is here:
    https://github.com/codepoet80/de-https

    I could start investigating re-writing URLs within the content, but I'm betting there's something out there that will do it. Maybe this?
    https://sourceforge.net/projects/php-proxy/
  8. #8  
    I've started looking into this. Somewhere I posted a comment about setting up a Squid proxy to do this.

    There is some tweaks that would need to be done to libssl. I had tried to use a newer version, but unfortunately some direct access to a couple of structures was done outside of the library, so the order of those structures (they changed a little) would need to be preserved. Otherwise, I think updating the library would work.
    Did you know:

    webOS ran on a Treo 800 during initial development.
    jonwise80 likes this.
  9.    #9  
    So, I got SQUID working as a Proxy server, and my Pre talks to it happily. Right now it just passes traffic straight through, so it doesn't solve the problem. Looking into this, as a work-around:

    https://wiki.squid-cache.org/Feature...LS_connections
  10. #10  
    Yeah, you'll have to enable SSL/TLS bumping. This is the config I use on an older server: https://github.com/dkirker/webos-pat...e/master/squid I have commented out some lines that should work on a newer server. (I need to migrate my setup to a new server and not this ancient Fedora box...)
    Did you know:

    webOS ran on a Treo 800 during initial development.
    jonwise80 likes this.
  11. #11  
    I assume you are aware of the openssl updater for webOS devices? It doesn't fix everything and doesn't work on webOS 2.1, but it allows support for sha256 certs, not sure what else if anything. Just wanted to make sure.
  12. #12  
    Quote Originally Posted by Grabber5.0 View Post
    I assume you are aware of the openssl updater for webOS devices? It doesn't fix everything and doesn't work on webOS 2.1, but it allows support for sha256 certs, not sure what else if anything. Just wanted to make sure.
    I've mentioned this. It seems there's a problem on the horizon regarding deprecation of older TLS standards. We know SSL verifies certificates. I assumed it performed other cryptographic functions and that might include TLS, but I don't know. Or it might be that it would work if some TLS related bit of code handles the newer standards.
    https://developers.google.com/web/up...ot-secure-warn

    I'll start a specific thread.
  13. #13  
    Quote Originally Posted by Preemptive View Post
    I've mentioned this. It seems there's a problem on the horizon regarding deprecation of older TLS standards. We know SSL verifies certificates. I assumed it performed other cryptographic functions and that might include TLS, but I don't know. Or it might be that it would work if some TLS related bit of code handles the newer standards.
    https://developers.google.com/web/up...ot-secure-warn

    I'll start a specific thread.
    It handles all of that I believe. I hadn't seen it mentioned in this thread, so I wanted to make sure he knows about it.
  14. #14  
    Quote Originally Posted by Grabber5.0 View Post
    It handles all of that I believe. I hadn't seen it mentioned in this thread, so I wanted to make sure he knows about it.
    You're right, I mentioned it at the User Group Meeting. Here is the thread: Is the end of support for TLS 1.0 & 1.1 a problem?

Similar Threads

  1. pivotCE: The New Palm phone is revealed.
    By Preemptive in forum Upcoming & Rumored webOS Devices
    Replies: 28
    Last Post: 11/08/2018, 06:43 AM
  2. webOS Collection for sale!
    By Aeatherion in forum Marketplace
    Replies: 3
    Last Post: 10/20/2018, 04:53 PM
  3. ALL is working... except the phone calls
    By Bernard Foutre in forum Palm Pre 2
    Replies: 3
    Last Post: 10/16/2018, 01:23 PM
  4. Mojo Maps for Google - new for 2018
    By George Mari in forum webOS Apps & Games
    Replies: 0
    Last Post: 10/12/2018, 09:18 PM
  5. This case for the Palm Pre is compatible with the Palm Pre 2?
    By Blaby in forum webOS Discussion Lounge
    Replies: 5
    Last Post: 10/02/2018, 08:51 PM

Posting Permissions