Feature Request - option to load websites with invalid certificates.

[OccultWarlock]

Hello, when attempting to use this browser to accept the terms when logging into hotel WiFi, when the page attempts to load after checking login, the app loads a dialog box which states:

“Could Not Load Webpage”

“The Certificate for this server is invalid. You might be connecting to a server that is pretending to be ....”

Is there anyway to add an option to load anyway so that I can connect my Apple TV to hotel WiFi? Thanks!

[Jason-Morcos]

Hi, unfortunately that means the server's certificate is invalid and tvOS (basically iOS) will not allow you to connect and there is no way to overwrite this. Not something we can do with the tvOS browser unfortunately :/

[Jason-Morcos]

One thing you can try if trying to get to a sign in page for the Wifi network is point the url at 192.168.1.1 or 192.168.0.1
Sometimes that will take you straight to the WiFi login page successfully.
Best of luck

[elksson]

I believe this should be possible although Apple would not allow your app on the App Store. However that is not really an issue since this app already uses private API’s.
https://stackoverflow.com/questions/11573164/uiwebview-to-view-self-signed-websites-no-private-api-not-nsurlconnection-i/15074358#15074358

[Jason-Morcos]

I'll re-open this issue since it does sound like it is possible as @elksson shared. That being said, I'm still not sure it's a great idea. Allowing insecure sites with bad certificates seems like an unsafe practice and (please correct me if I'm wrong) I don't believe Safari on the Mac would let you visit the site anyways.

I'd accept a PR from someone that includes this as a settings option, so long as it's not on by default. And it would probably be nice to include a security warning when flipping on "Allow Insecure Requests"

[OccultWarlock]

That’s guys! I really appreciate it!

And I tried the whole loading up the login page. I’m able to get there and accept the terms, but after I accept, it attempts to load Google automatically from the accept terms / login page, which is where the certificate issue comes up.

[elksson]

Both safari on Mac, and iPad, iOS will allow the user to bypass the insecure certificate however the default behavior is to present the user a warning page telling them about the risks. Then if the user chooses they can view the page anyways. I would expect a default behavior which presented a Popup Dialog which showed the clear risks and allowed the page to be bypassed one time would be acceptable default behavior. While a sticky option to allow any site to load without checking the certificate should be optional again only after confirming a warning message.

Even better would be that the sticky option only worked on specific sites which the user chose to ignore.