-
Notifications
You must be signed in to change notification settings - Fork 313
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Workaround for ChromeDriver version 80 and later when used insecure domains #277
base: master
Are you sure you want to change the base?
Conversation
Hi, thanks for your contribution! |
👍 Maybe thheere should be a ssetting for it? At any rate, @bbaldino can you PTAL? |
This is great. Can anyone confirm it fixes the issues? |
Its not working for my setup.
The only thing I have diferent from default configuration is authentication via JWT. |
@macoronado your setup had been working on chrome/driver 78 ? |
Fixed the issue for our docker-jitsi-meet setup with I was wondering though if setting this is insecure in a non docker environment? |
If you use external connect from jibri to web jitsi-meet and have a hack like For now logic takes xmpp domain that was sent from xmpp server
and connect link to web jitsi-meet looks like https://XMPP_DOMAIN/room
Some time ago we've been discussed with @saghul this behavior and decided that we need to have an option for get on jibri url like |
Hm, we're running chromedriver |
It needs for ignore certificate errors for dummy domains, in our case (docker-jitsi-meet) the dummy xmpp domain is "jitsi.meet". In your prod, I guess, you use real FQDN and trusted certificates, so it doesn't rise any issues. |
Ok, just not sure accepting insecure certs is something we'd want to always turn on. Maybe it needs to be configurable. |
Oh, if it can be configurable, that's resolve the issue at all. |
Its a new setup. I have been testing a bit and I found that if I change the val $baseUrl with my public URL in: https://github.com/jitsi/jibri/blob/master/src/main/kotlin/org/jitsi/jibri/CallUrlInfo.kt I dont know how that val is calculated initially. Now I get an ffmpeg error:
Im lost because I have configured snd-aloop in my host and I have checked that is working from jibri with "aplay -l" and "arecord -l" |
|
That was the issue, I updated the asoundrc file with the lastest from source code and its working now. Thank you! The only thing I dont understand its why I had to change the baseUrl parameter to make it work. |
Can this be done with a chrome flag? Those are configurable now, but I'm not sure if there is an equivalent chrome flag to |
I think the right way to fix this is to add a config option in Jibri to set the "base URL". If set we could use that to build the meeting URL instead of fishing it from the XMPP conference config. WDYT? I could try my hand at a patch next week I think! |
I thought the issue was related to chrome loading an insecure URL, regardless of where the URL came from (the JID or some config)? |
That's true, but the reason we end up loading an insecure site is because in Docker we use a non existing domain "meet.jitsi" which is routable only in the Docker environment. As a result, we don't have a valid cert. |
Due to nearest changes in ChromeDriver using url like
https://jitsi.meet/room
is impossible, because the cert is not valid.79.0.3945.16
80.0.3987.16
The fix adds option
setAcceptInsecureCerts = true
tochromeOptions