当前位置: 文江博客话题详情

有没有办法从 Chrome 扩展程序访问证书信息

发布于 2024-11-18 07:55:55 字数 716 浏览 4 评论 0原文

我想从 Google Chrome 扩展程序访问 SSL 证书信息。

我查看了此处的 API:http://code.google.com/chrome/extensions/api_index.html ,但没有看到任何可以完成工作的东西。

理想情况下,我想访问发行者、有效期、主题、序列号等...

这在 Mozilla/Firefox 中似乎是可能的:

https://developer.mozilla.org/En/How_to_check_the_security_state_of_an_XMLHTTPRequest_over_SSL

http://www.sslshopper.com/article-perspectives-扩展更改如何-firefox-handles-ssl-certificates.html

原文

I'd like to access SSL certificate information from a Google Chrome extension.

I took a look at the APIs here: http://code.google.com/chrome/extensions/api_index.html, but didn't see anything that would get the job done.

Ideally I'd like to get access to Issuer, Validity Period, Subject, Serial Number, etc...

This seems to be possible in Mozilla/Firefox:

https://developer.mozilla.org/En/How_to_check_the_security_state_of_an_XMLHTTPRequest_over_SSL

http://www.sslshopper.com/article-perspectives-extension-to-change-how-firefox-handles-ssl-certificates.html

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

┈┾☆殇 2024-11-25 07:55:55

2018年答案:webextensions(使用Chrome扩展API)可以在Firefox 62中执行此操作

您需要制作一个WebExtension,也称为浏览器扩展。

请参阅访问 MDN 上的安全信息

您还可以查看文档:

您需要 Firefox 62。

这是一个有效的 background.js

var log = console.log.bind(console)

log(`\n\nTLS browser extension loaded`)

// https://developer.chrome.com/extensions/match_patterns
var ALL_SITES = { urls: ['<all_urls>'] }

// Mozilla doesn't use tlsInfo in extraInfoSpec 
var extraInfoSpec = ['blocking']; 

// https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/webRequest/onHeadersReceived
browser.webRequest.onHeadersReceived.addListener(async function(details){
    log(`\n\nGot a request for ${details.url} with ID ${details.requestId}`)

    // Yeah this is a String, even though the content is a Number
    var requestId = details.requestId

    var securityInfo = await browser.webRequest.getSecurityInfo(requestId, {
        certificateChain: true,
        rawDER: false
    });

    log(`securityInfo: ${JSON.stringify(securityInfo, null, 2)}`)

}, ALL_SITES, extraInfoSpec) 

log('Added listener')

manifest.json

{
    "manifest_version": 2,
    "name": "Test extension",
    "version": "1.0",
    "description": "Test extension.",
    "icons": {
        "48": "icons/border-48.png"
    },
    "background": {
        "scripts": ["background.js"]
    },
    "permissions": [
        "webRequest",
        "webRequestBlocking",
        "<all_urls>"
    ]
}

在此处输入图像描述

它也可以在 Chromium 中实现一次 此代码已合并

2018 answer: webextensions (which use the Chrome extension API) can do this in Firefox 62

You'll need to make a WebExtension, which is also called a browser extension.

See accessing security information on MDN

You can also check out the docs for:

You'll need Firefox 62.

Here's a working background.js

var log = console.log.bind(console)

log(`\n\nTLS browser extension loaded`)

// https://developer.chrome.com/extensions/match_patterns
var ALL_SITES = { urls: ['<all_urls>'] }

// Mozilla doesn't use tlsInfo in extraInfoSpec 
var extraInfoSpec = ['blocking']; 

// https://developer.mozilla.org/en-US/Add-ons/WebExtensions/API/webRequest/onHeadersReceived
browser.webRequest.onHeadersReceived.addListener(async function(details){
    log(`\n\nGot a request for ${details.url} with ID ${details.requestId}`)

    // Yeah this is a String, even though the content is a Number
    var requestId = details.requestId

    var securityInfo = await browser.webRequest.getSecurityInfo(requestId, {
        certificateChain: true,
        rawDER: false
    });

    log(`securityInfo: ${JSON.stringify(securityInfo, null, 2)}`)

}, ALL_SITES, extraInfoSpec) 

log('Added listener')

manifest.json:

{
    "manifest_version": 2,
    "name": "Test extension",
    "version": "1.0",
    "description": "Test extension.",
    "icons": {
        "48": "icons/border-48.png"
    },
    "background": {
        "scripts": ["background.js"]
    },
    "permissions": [
        "webRequest",
        "webRequestBlocking",
        "<all_urls>"
    ]
}

enter image description here

It also may be implemented in Chromium once this code is merged.

回复 原文
情绪 2024-11-25 07:55:55

目前尚不可用,但有 Chromium API 提案 webRequest SSL Hooks(从 02/27/2012 开始)处理此主题。

It is currently not available, but there's the Chromium API proposal webRequest SSL Hooks (from 02/27/2012) which treats this topic.

回复 原文
零崎曲识 2024-11-25 07:55:55

您可以使用NPAPI插件 来做到这一点。

You can use a NPAPI plugin to do that.

回复 原文
~没有更多了~

关于作者

小嗷兮

暂无简介

0 文章
0 评论
23 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

Gabu-gabumon

文章 0 评论 0

qq_CgiN62

文章 0 评论 0

荔枝明

文章 0 评论 0

赏烟花じ飞满天

文章 0 评论 0

独守阴晴ぅ圆缺

文章 0 评论 0

¤→小豸慧

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文