Menu
I am using the grunt-accessibility plugins to automate the reporting for accessibility errors. It works fine for normally, but when I try it on a site which has a self signed certificate (the kind which shows an interim page with some certificate security warning and a link to continue to the site if you still wish to), it reports the error on that interim page itself which is, of course an empty page:
<html>
<head></head>
<body></body>
</html>
Obviously I want to bypass this interim page and run accessibility on the actual page.
What I was trying?
I had tried the following (found from googling and from other SO's Q&A):
The infamous hack
npm set strict-ssl false
Adding the imported certification path
npm config set cafile="C:\path\to\cert.cer"
Adding process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0" (see Grunfile below)
From what I gather, grunt-accessibility uses AccessSniff which in turn uses phantomjs. Now, phantomjs has options to ignore such warnings by
--ignore-ssl-errors=[true|false]ignores SSL errors, such as expired or self-signed certificate errors (default is false).
Above is the CLI options, which I am not able to pass from Grunfile.js.
Can someone help me resolve or suggest another approach for the issue.
This is my Gruntfile.js:
module.exports = grunt => {
process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
grunt.initConfig({
phantomjs: {
// default: {
options: {
"ignore-ssl-errors": true,
// tested here with different instructions as per comments
// below from users on this site, such as
// "--ignore-ssl-errors": true (-- hyphen)
// "ignore-ssl-errors": "true" ("true" as string)
"ssl-protocol": "any",
"ssl-certificates-path": "C:/path/to/cert.cer"
}
// }
},
accessibility: {
options: {
force: true,
accessibilityLevel: 'WCAG2AAA',
browser: true // tested with both true/false, i.e. opt for phantomjs/jsDom
},
test: {
options: {
urls: ['https://self-signed.badssl.com/']
},
src: ['example/test.html']
}
}
});
grunt.loadNpmTasks('grunt-accessibility');
grunt.registerTask('default', ['accessibility']);
};
P.S.:
test url is an actual self-signed ssl site, so you can copy/paste the above code and test it
only dependencies in package.json
"devDependencies": {
"grunt": "^1.0.1",
"grunt-accessibility": "^5.0.0"
}
node version v.8.9.0
214
To suppress warnings from a self-signed certificate, the domain component of the ArcGIS Server URL must match the Common Name property of the certificate. To learn how to set this property, see Enabling SSL on ArcGIS Server.
Ignore SSL Certificate Checks with Curl. To ignore invalid and self-signed certificate checks on Curl, use the -k or --insecure command-line option. This option allows Curl to perform "insecure" SSL connections and skip SSL certificate checks while you still have SSL-encrypted communications.
The self-signed certificate can be mitigated by using a certificate from trusted CA and the certificates can be imported to switch using any of the following CLIs: download ssl ipaddress certificate ssl-cert cert_file. download ssl ipaddress privkey key_file.
I don't think you can directly affect how PhantomJS is called from within another Grunt plugin within your own Gruntfile.
If I'm not mistaken, the only solution is to either commit a change to the grunt-accessibility package that passes an ignore-ssl-errors option (in the the options you pass to grunt-accessibility) upstream to PhantomJS; or to intercept the call to PhantomJS and inject the ignore-ssl-errors option.
I think the second solution will be the quickest and most expedient. You'd have to either manually modify the entry point (either node_modules/.bin/phantomjs or node_modules/phantomjs/index.js) or write a pre-run script that would modify it. In the modified .js file, you'd inject the ignore-ssl-errors by adding code to the top of the file that appends it to the process.argv array:
process.argv.push("--ignore-ssl-errors=true");
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
