Hi to all,
I'm building an application that needs to alter the content of some specific webpages that uses HTTPS, it is for our company internal use, we need to extend some features exposed by a third party service.
Initially I tried with custom scheme handler for http and https but, unfortunately, i faced some bugs (some fixed using patches from bug reports, another one, related to flash sync io, not fixed) that forced me to change the way i was doing the stuff.
In the end I decided to leave CEF untouched and use a MITM (man in the middle) proxy to alter the html pages for my needs.
The biggest problem that I'm facing is that CefRequestHandler::OnCertificateError callback isn't triggered for untrusted certificates used by my proxy! I tried with ignore-certificate-errors switch and with websecurity flag set to off without success.
There is another callback to use?
I don't want to install a root certificate because my boss asked to me to consider the (future) possibility to distribuite this application to third parties and installing a CA inside a third party computer may be a serious security issue (basically anyone that owns the application can extract the CA private key and do MITM without being noticed by the user, not very nice).
I am using C# with Xilium.CefGlue but, as far I understand, this problem isn't related to it.
I don't have any kind of problem in rebuilding CEF and/or Xilium.CefGlue, I did it to fix the bugs I faced.
I tried Xilium.CefGlue dca991a20acf and f9edd9354cfc and Cef 3.1750.1704 (cefbuilds) and 3.1916.1750 (patched with #1259 and partially with #1070 for mime type handling)
Thanks!