证书透明度修复
Electron 1.4.12 包含一个重要补丁,修复了上游 Chrome 的一个问题,该问题会导致一些 Symantec、GeoTrust 和 Thawte SSL/TLS 证书在 libchromiumcontent(Electron 底层的 Chrome 库)构建后 10 周被错误地拒绝。受影响网站使用的证书本身没有问题,更换这些证书也无济于事。
🌐 Electron 1.4.12 contains an important patch that fixes an upstream Chrome issue where some Symantec, GeoTrust, and Thawte SSL/TLS certificates are incorrectly rejected 10 weeks from the build time of libchromiumcontent, Electron's underlying Chrome library. There are no issues with the certificates used on the affected sites and replacing these certificates will not help.
在 Electron 1.4.0 至 1.4.11 版本中,使用这些受影响证书的网站的 HTTPS 请求在某个日期之后将因网络错误而失败。这会影响使用 Chrome 底层网络 API 发起的 HTTPS 请求,例如 window.fetch、Ajax 请求、Electron 的 net API、BrowserWindow.loadURL、webContents.loadURL、<webview> 标签上的 src 属性以及其他情况。
🌐 In Electron 1.4.0 — 1.4.11 HTTPS requests to sites using these affected
certificates will fail with network errors after a certain date.
This affects HTTPS requests made using Chrome's underlying networking APIs
such as window.fetch, Ajax requests, Electron's net API,
BrowserWindow.loadURL, webContents.loadURL, the src attribute on a
<webview> tag, and others.
将你的应用升级到1.4.12将防止这些请求失败的发生。
🌐 Upgrading your applications to 1.4.12 will prevent these request failures from occurring.
注意: 这个问题是在 Chrome 53 中引入的,因此早于 1.4.0 的 Electron 版本不受影响。
影响日期
🌐 Impact Dates
下面是一张表,列出了每个 Electron 1.4 版本以及使用受影响证书的网站请求开始失败的日期。
🌐 Below is a table of each Electron 1.4 version and the date when requests to sites using these affected certificates will start to fail.
| Electron Version | Impact Date |
|---|---|
| 1.3.x | Unaffected |
| 1.4.0 | Already failing |
| 1.4.1 | Already failing |
| 1.4.2 | Already failing |
| 1.4.3 | December 10th, 2016 9:00 PM PST |
| 1.4.4 | December 10th, 2016 9:00 PM PST |
| 1.4.5 | December 10th, 2016 9:00 PM PST |
| 1.4.6 | January 14th, 2017 9:00 PM PST |
| 1.4.7 | January 14th, 2017 9:00 PM PST |
| 1.4.8 | January 14th, 2017 9:00 PM PST |
| 1.4.9 | January 14th, 2017 9:00 PM PST |
| 1.4.10 | January 14th, 2017 9:00 PM PST |
| 1.4.11 | February 11th, 2017 9:00 PM PST |
| 1.4.12 | Unaffected |
你可以通过将电脑的时钟调快来验证你的应用的生效日期,然后检查 https://symbeta.symantec.com/welcome/ 是否能够成功加载。
🌐 You can verify your app's impact date by setting your computer's clock ahead and then check to see if https://symbeta.symantec.com/welcome/ successfully loads from it.
更多信息
🌐 More Information
你可以在以下地方阅读有关此主题、原始问题及其解决方法的更多信息:
🌐 You can read more about this topic, the original issue, and the fix at the following places: