Hi Arun, You are right, this should work. The http-on-examine-response fires when Firefox receives an HTTP response:
http://mxr.mozilla.org/firefox/source/netwerk/protocol/http/src/nsHttpChannel.cpp#874 The first response arrives after the TLS connection has been established, so the channel should always have the server certificate at this point. I couldn't find information about when http-on-examine-response was introduced, but it was definitely earlier than nsITraceableChannel. Peter On Jun 29, 4:29 am, MAK <arungene...@gmail.com> wrote: > Thankx a lot Peter > > This works fine. > > But as you mentioned this is not possible with the older series > browsers. So I just tried to fetch the certificate when "http-on- > examine-response" is fired. > > I could fetch the certificates of all the internal domains. So can > this be used as such or still I need to use the nsITracableChannel due > to some other controversies. > > Will there be any problems in querying the nsISSLStatus interface > within "http-on-examine-response" ? > > regards > Arun > > On Jun 26, 8:08 pm, Peter Djalaliev <peter.djalal...@gmail.com> wrote: > > > Arun, > > > One way is to register a nsIStreamListener using the > > nsITraceableChannel interface of the HTTP channel. Your > > nsIStreamListener will need to implement onStartRequest(), > > onStopRequest() and onDataAvailable(). In your case, however, the > > last two will just be almost empty methods. In onStartRequest(), you > > can get the nsISSLStatus from the HTTP channel. > > > You can register your nsIStreamListener using the "http-on-examine- > > response". When the event fires, you get the nsITraceableChannel > > interface from the HTTP channel and and replace the original stream > > listener with your own. Be sure to keep a pointer to the original > > stream listeners. Each of your methods above must call in the end the > > corresponding method from the original listener. Otherwise whatever > > initiated the the request (e.g. the docshell) will be out-of-sync with > > the networking library. > > > Ideally, you shouldn't do anything in onDataAvailable() but call the > > original stream listener. Otherwise, performance may degrade > > noticeably. > > > You can find more info and sample code > > here:http://www.softwareishard.com/blog/firebug/nsitraceablechannel-interc... > > > Note that nsITraceableChannel was introduced in Firefox 3.0.3.. For > > earlier versions, I don't know if there is a way to get the > > nsISSLStatus. From what I can see in the Firefox source code, only > > the module that initiated the HTTPS request can get this information. > > > I hope this helps. > > > Best Regards, > > Peter Djalaliev > > > On Jun 26, 2:40 am, MAK <arungene...@gmail.com> wrote: > > > > Thankx Peter, > > > > But how is the registration for nsIRequestObserver done. I tried > > > out many options, but in no way I'm able to query the nsISSLStatus > > > interface through nsIRequestObserver. > > > > regards, > > > Arun -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
