Comments (7)
Yes? It looks like somebody was careless with HSTS?
from echoip.
Unable to communicate securely with peer: requested domain name does not match the server’s certificate.
HTTP Strict Transport Security: true
HTTP Public Key Pinning: falsev6.ifconfig.co uses an invalid security certificate.
The certificate is only valid for the following names: atbapi.tar.io, git.tar.io, tar.io
Error code: SSL_ERROR_BAD_CERT_DOMAIN
from echoip.
@k0nsl - HSTS not available now
$ curl -sik https://v6.ifconfig.co
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 14 Jul 2016 20:11:32 GMT
Content-Type: application/json
Content-Length: 51
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
{
"status": 404,
"message": "route not found"
}
Bad frontend/balancer config?
from echoip.
HTTPS is not supported for v6.ifconfig.co. Please see #15 and #18.
from echoip.
But HSTS Preloading Chrome Edge Firefox IE Not in: Tor
of SSLlabs SSL Report
in 2001:16d8:ee03::cafe:d00d
aka ifconfig.co
create this torouble
@k0nsl assertion partly true
enough to force a single request http to https routes inside the browser, as I think
from echoip.
@gema-arta Yes, HSTS was mistakenly turned on in the past, and it is on for ifconfig.co, but not for v6.ifconfig.co.
from echoip.
I found one problem. The vhost for ifconfig.co was incorrectly adding includeSubdomains
in the HSTS header, causing HSTS to be enabled for v6.ifconfig.co as well. This has now been fixed.
Before:
`Strict-Transport-Security: max-age=31536000; includeSubdomains; preload``
After:
Strict-Transport-Security: max-age=31536000; preload
from echoip.
Related Issues (20)
- v4 shows IPv6 address HOT 1
- Starlink IP addresses HOT 1
- Alternate database HOT 1
- Expose Region code
- Docker compose file HOT 5
- Flags provided but not defined: docker-compose HOT 8
- Feature request: Show IPv4 AND IPv6 HOT 2
- Update GeoIP database
- New security measure preventing IP return HOT 7
- Please, add both ipv6 and ipv4 for ifconfig.co if ipv6 is available HOT 1
- Donations?
- Cloudflare stops the API access HOT 19
- Wrong identification of subnets ? HOT 1
- feature request: provide ipv4 only subdomain HOT 1
- How to install on Linux? HOT 1
- Issue with port 25 HOT 1
- Can this code work with the enterprise version of MaxMind?
- Suggestion: Support IP2Location LITE Database HOT 2
- How can I get round the CORS issue (Self Hosted)
- New Wiki page to detail how to run on Azure Websites HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from echoip.