Hi, The images are also fetched through HTTP GET requests, right? "http- on-modify-request" is domain-independent, i.e it will notify you of every outgoing HTTP request, both to websites A and B. For example, assuming that A is the main web server and B is the image server, you should see one or more HTTP request events to A and one or more HTTP request events to B. If both use SSL, you should be able to get both of their server certificates.
I haven't checked this well, but is it possible that the SSL connection is not always established when the "http-on-modify-request" fires? It looks like Firefox 3 notifes "http-on-modify-request" listeners during: 1) HttpChannel->AsyncOpen(): http://mxr.mozilla.org/firefox/source/netwerk/protocol/http/src/nsHttpChannel.cpp#3793 2) HttpChannel->DoAuthRetry(): http://mxr.mozilla.org/firefox/source/netwerk/protocol/http/src/nsHttpChannel.cpp#4944 So, checking certificates when "http-on-modify-request" fires may or may not work, I'm not sure. Another way of doing what you want, which sounds like it should work, is to register an nsIRequestObserver listener and, in the OnStartRequest() callback, use the nsISSLStatus interface to access the certificate. I hope this helps. Best Regards, Peter Djalaliev On Jun 25, 12:50 am, MAK <arungene...@gmail.com> wrote: > Hi all, > > My requirement is to fetch a website's SSL server certificate. For > this I need the nsIChannel, so that I can use the securityInfo > option. > > I need to fetch nsIChannel for a websites internal domains too. > For > example, I have a website A and within that you may have requests to > another website B (may be an image server). > > In this case, will you be able to get the nsIChannel for both the > domains A and B ? > > I did the following using a JS XPCOM component: > 1. registered an observer for "http-on-modify-request" > 2. queried nsIChannel and nsIHttpChannel > 3. in the onModifyRequest Listener, I used notificationCallbacks and > created instance for nsIDocShell through nsIInterfaceRequestor > 4. used getDocShellEnumerator to get the docShell of all the children > 5. used securityUI from the docShell to fetch the certificate > > I tried by simply using the nsIChannel alone instead of going > through all the above mentioned stuff. But I'm able to get the server > certificate of the master domain only (domain present in the > navigation bar of the browser). > > ie. In my case, the server certificate of website A is available > but not that of B. > > I think I'm going wrong in fetching the proper nsIChannel. How can > this be done or is there some other possibilities to fetch the SSL > server certificate of an internal domain ? > > Thanks in advance, > Arun -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
