[wp-hackers] Tiny pach for options-misc.php
jordi at jcanals.net
Fri Aug 7 00:31:15 UTC 2009
It's not a bug. That's just what standard says, the wilcard is only valid
for one level. A certificate for *.wordpress.org will match
trac.wordpress.org, but will not match core.track.wordpress.org. The bug is
in browsers matching the last one.
This is stated on the RFC 2818, look at page 4:
Matching is performed using the matching rules specified by
[RFC2459]. If more than one identity of a given type is present in
the certificate (e.g., more than one dNSName name, a match in any one
of the set is considered acceptable.) Names may contain the wildcard
character * which is considered to match any single domain name
component or component fragment. E.g., *.a.com matches foo.a.com but
not bar.foo.a.com. f*.com matches foo.com but not bar.com.
2009/8/7 Matt Freedman <speedboxer at gmail.com>
> Happens in Safari and Chrome as well, probably not a bug.
> On Thu, Aug 6, 2009 at 4:53 PM, Stephen Rider<wp-hackers at striderweb.com>
> > On Aug 6, 2009, at 3:10 PM, Ozh wrote:
> >> Firefox has recently been warning about untrusted connection when
> >> using the https <http://i28.tinypic.com/ibjngm.gif>, or is it just me?
> > I can confirm. I had to add an exception. Perhaps a bug report to
> > is in order?
> > Stephen
> > --
> > Stephen Rider
> > http://striderweb.com/
> > _______________________________________________
> > wp-hackers mailing list
> > wp-hackers at lists.automattic.com
> > http://lists.automattic.com/mailman/listinfo/wp-hackers
> Matt Freedman
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
More information about the wp-hackers