mirror of
https://github.com/silkimen/cordova-plugin-advanced-http.git
synced 2024-10-06 09:12:13 +08:00
- some cleanup
- deprecate "setSSLCertMode" in favor of "setServerTrustMode"
This commit is contained in:
parent
8d28f4ab80
commit
d977392a49
@ -1,5 +1,9 @@
|
||||
# Changelog
|
||||
|
||||
## 2.0.8
|
||||
|
||||
- :warning: **Deprecation**: Deprecated "setSSLCertMode" in favor of "setServerTrustMode"
|
||||
|
||||
## 2.0.7
|
||||
|
||||
- Fixed #195: URLs are double-encoded on Android
|
||||
|
29
README.md
29
README.md
@ -128,13 +128,13 @@ cordova.plugin.http.clearCookies();
|
||||
## Asynchronous Functions
|
||||
These functions all take success and error callbacks as their last 2 arguments.
|
||||
|
||||
### setSSLCertMode<a name="setSSLCertMode"></a>
|
||||
Set SSL Cert handling mode, being one of the following values:
|
||||
### setServerTrustMode<a name="setServerTrustMode"></a>
|
||||
Set server trust mode, being one of the following values:
|
||||
|
||||
* `default`: default SSL cert handling using system's CA certs
|
||||
* `default`: default SSL trustship and hostname verification handling using system's CA certs
|
||||
* `legacy`: use legacy default behavior (< 2.0.3), excluding user installed CA certs (only for Android)
|
||||
* `nocheck`: disable SSL cert checking, trusting all certs (meant to be used only for testing purposes)
|
||||
* `pinned`: trust only provided certs
|
||||
* `nocheck`: disable SSL certificate checking and hostname verification, trusting all certs (meant to be used only for testing purposes)
|
||||
* `pinned`: trust only provided certificates
|
||||
|
||||
To use SSL pinning you must include at least one `.cer` SSL certificate in your app project. You can pin to your server certificate or to one of the issuing CA certificates. Include your certificate in the `www/certificates` folder. All `.cer` files found there will be loaded automatically.
|
||||
|
||||
@ -142,32 +142,38 @@ To use SSL pinning you must include at least one `.cer` SSL certificate in your
|
||||
|
||||
```js
|
||||
// enable SSL pinning
|
||||
cordova.plugin.http.setSSLCertMode('pinned', function() {
|
||||
cordova.plugin.http.setServerTrustMode('pinned', function() {
|
||||
console.log('success!');
|
||||
}, function() {
|
||||
console.log('error :(');
|
||||
});
|
||||
|
||||
// use system's default CA certs
|
||||
cordova.plugin.http.setSSLCertMode('default', function() {
|
||||
cordova.plugin.http.setServerTrustMode('default', function() {
|
||||
console.log('success!');
|
||||
}, function() {
|
||||
console.log('error :(');
|
||||
});
|
||||
|
||||
// disable SSL cert checking, only meant for testing purposes, do NOT use in production!
|
||||
cordova.plugin.http.setSSLCertMode('nocheck', function() {
|
||||
cordova.plugin.http.setServerTrustMode('nocheck', function() {
|
||||
console.log('success!');
|
||||
}, function() {
|
||||
console.log('error :(');
|
||||
});
|
||||
```
|
||||
|
||||
### setSSLCertMode (deprecated)
|
||||
This function was deprecated in 2.0.8. Use ["setServerTrustMode"](#setServerTrustMode) instead.
|
||||
|
||||
### enableSSLPinning (obsolete)
|
||||
This function was removed in 2.0.0. Use ["setSSLCertMode"](#setSSLCertMode) to enable SSL pinning (mode "pinned").
|
||||
This function was removed in 2.0.0. Use ["setServerTrustMode"](#setServerTrustMode) to enable SSL pinning (mode "pinned").
|
||||
|
||||
### acceptAllCerts (obsolete)
|
||||
This function was removed in 2.0.0. Use ["setSSLCertMode"](#setSSLCertMode) to disable checking certs (mode "nocheck").
|
||||
This function was removed in 2.0.0. Use ["setServerTrustMode"](#setServerTrustMode) to disable checking certs (mode "nocheck").
|
||||
|
||||
### validateDomainName (obsolete)
|
||||
This function was removed in v1.6.2. Domain name validation is disabled automatically when you set server trust mode to "nocheck".
|
||||
|
||||
### disableRedirect
|
||||
If set to `true`, it won't follow redirects automatically. This defaults to false.
|
||||
@ -180,9 +186,6 @@ cordova.plugin.http.disableRedirect(true, function() {
|
||||
});
|
||||
```
|
||||
|
||||
### validateDomainName (obsolete)
|
||||
This function was removed in v1.6.2. Domain name validation is disabled automatically when you set SSL cert mode to "nocheck".
|
||||
|
||||
### removeCookies
|
||||
Remove all cookies associated with a given URL.
|
||||
|
||||
|
@ -21,15 +21,17 @@ class CordovaClientAuth implements Runnable, KeyChainAliasCallback {
|
||||
private static final String TAG = "Cordova-Plugin-HTTP";
|
||||
|
||||
private String mode;
|
||||
private String filePath;
|
||||
private Activity activity;
|
||||
private Context context;
|
||||
private TLSConfiguration tlsConfiguration;
|
||||
private CallbackContext callbackContext;
|
||||
|
||||
public CordovaClientAuth(final String mode, final Activity activity, final Context context,
|
||||
public CordovaClientAuth(final String mode, final String filePath, final Activity activity, final Context context,
|
||||
final TLSConfiguration configContainer, final CallbackContext callbackContext) {
|
||||
|
||||
this.mode = mode;
|
||||
this.filePath = filePath;
|
||||
this.activity = activity;
|
||||
this.tlsConfiguration = configContainer;
|
||||
this.context = context;
|
||||
@ -42,7 +44,7 @@ class CordovaClientAuth implements Runnable, KeyChainAliasCallback {
|
||||
case "systemstore":
|
||||
KeyChain.choosePrivateKeyAlias(this.activity, this, null, null, null, -1, null);
|
||||
break;
|
||||
case "bundle":
|
||||
case "file":
|
||||
// @todo use pfx in bundle
|
||||
this.callbackContext.error("Not implemented, yet");
|
||||
break;
|
||||
|
@ -68,8 +68,8 @@ public class CordovaHttpPlugin extends CordovaPlugin {
|
||||
return this.uploadFile(args, callbackContext);
|
||||
case "downloadFile":
|
||||
return this.downloadFile(args, callbackContext);
|
||||
case "setSSLCertMode":
|
||||
return this.setSSLCertMode(args, callbackContext);
|
||||
case "setServerTrustMode":
|
||||
return this.setServerTrustMode(args, callbackContext);
|
||||
case "setClientAuthMode":
|
||||
return this.setClientAuthMode(args, callbackContext);
|
||||
case "disableRedirect":
|
||||
@ -140,7 +140,7 @@ public class CordovaHttpPlugin extends CordovaPlugin {
|
||||
return true;
|
||||
}
|
||||
|
||||
private boolean setSSLCertMode(final JSONArray args, final CallbackContext callbackContext) throws JSONException {
|
||||
private boolean setServerTrustMode(final JSONArray args, final CallbackContext callbackContext) throws JSONException {
|
||||
CordovaServerTrust runnable = new CordovaServerTrust(args.getString(0), this.cordova.getActivity(),
|
||||
this.tlsConfiguration, callbackContext);
|
||||
|
||||
@ -150,7 +150,7 @@ public class CordovaHttpPlugin extends CordovaPlugin {
|
||||
}
|
||||
|
||||
private boolean setClientAuthMode(final JSONArray args, final CallbackContext callbackContext) throws JSONException {
|
||||
CordovaClientAuth runnable = new CordovaClientAuth(args.getString(0), this.cordova.getActivity(),
|
||||
CordovaClientAuth runnable = new CordovaClientAuth(args.getString(0), args.getString(1), this.cordova.getActivity(),
|
||||
this.cordova.getContext(), this.tlsConfiguration, callbackContext);
|
||||
|
||||
cordova.getThreadPool().execute(runnable);
|
||||
|
@ -28,8 +28,8 @@ public class TLSSocketFactory extends SSLSocketFactory {
|
||||
}
|
||||
|
||||
@Override
|
||||
public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
|
||||
return enableTLSOnSocket(delegate.createSocket(s, host, port, autoClose));
|
||||
public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException {
|
||||
return enableTLSOnSocket(delegate.createSocket(socket, host, port, autoClose));
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -4,7 +4,7 @@
|
||||
|
||||
@interface CordovaHttpPlugin : CDVPlugin
|
||||
|
||||
- (void)setSSLCertMode:(CDVInvokedUrlCommand*)command;
|
||||
- (void)setServerTrustMode:(CDVInvokedUrlCommand*)command;
|
||||
- (void)disableRedirect:(CDVInvokedUrlCommand*)command;
|
||||
- (void)post:(CDVInvokedUrlCommand*)command;
|
||||
- (void)get:(CDVInvokedUrlCommand*)command;
|
||||
|
@ -126,7 +126,7 @@
|
||||
return headerFieldsCopy;
|
||||
}
|
||||
|
||||
- (void)setSSLCertMode:(CDVInvokedUrlCommand*)command {
|
||||
- (void)setServerTrustMode:(CDVInvokedUrlCommand*)command {
|
||||
NSString *certMode = [command.arguments objectAtIndex:0];
|
||||
|
||||
if ([certMode isEqualToString: @"default"] || [certMode isEqualToString: @"legacy"]) {
|
||||
|
@ -1,14 +1,14 @@
|
||||
const hooks = {
|
||||
onBeforeEachTest: function(done) {
|
||||
cordova.plugin.http.clearCookies();
|
||||
helpers.setDefaultCertMode(done);
|
||||
helpers.setDefaultServerTrustMode(done);
|
||||
}
|
||||
};
|
||||
|
||||
const helpers = {
|
||||
setDefaultCertMode: function(done) { cordova.plugin.http.setSSLCertMode('default', done, done); },
|
||||
setNoCheckCertMode: function(done) { cordova.plugin.http.setSSLCertMode('nocheck', done, done); },
|
||||
setPinnedCertMode: function(done) { cordova.plugin.http.setSSLCertMode('pinned', done, done); },
|
||||
setDefaultServerTrustMode: function(done) { cordova.plugin.http.setServerTrustMode('default', done, done); },
|
||||
setNoCheckServerTrustMode: function(done) { cordova.plugin.http.setServerTrustMode('nocheck', done, done); },
|
||||
setPinnedServerTrustMode: function(done) { cordova.plugin.http.setServerTrustMode('pinned', done, done); },
|
||||
setJsonSerializer: function(done) { done(cordova.plugin.http.setDataSerializer('json')); },
|
||||
setUtf8StringSerializer: function(done) { done(cordova.plugin.http.setDataSerializer('utf8')); },
|
||||
setUrlEncodedSerializer: function(done) { done(cordova.plugin.http.setDataSerializer('urlencoded')); },
|
||||
@ -91,7 +91,7 @@ const tests = [
|
||||
{
|
||||
description: 'should accept bad cert (GET)',
|
||||
expected: 'resolved: {"status":200, ...',
|
||||
before: helpers.setNoCheckCertMode,
|
||||
before: helpers.setNoCheckServerTrustMode,
|
||||
func: function(resolve, reject) { cordova.plugin.http.get('https://self-signed.badssl.com/', {}, {}, resolve, reject); },
|
||||
validationFunc: function(driver, result) {
|
||||
result.type.should.be.equal('resolved');
|
||||
@ -101,7 +101,7 @@ const tests = [
|
||||
{
|
||||
description: 'should accept bad cert (PUT)',
|
||||
expected: 'rejected: {"status":405, ... // will be rejected because PUT is not allowed',
|
||||
before: helpers.setNoCheckCertMode,
|
||||
before: helpers.setNoCheckServerTrustMode,
|
||||
func: function(resolve, reject) { cordova.plugin.http.put('https://self-signed.badssl.com/', { test: 'testString' }, {}, resolve, reject); },
|
||||
validationFunc: function(driver, result) {
|
||||
result.type.should.be.equal('rejected');
|
||||
@ -111,7 +111,7 @@ const tests = [
|
||||
{
|
||||
description: 'should accept bad cert (POST)',
|
||||
expected: 'rejected: {"status":405, ... // will be rejected because POST is not allowed',
|
||||
before: helpers.setNoCheckCertMode,
|
||||
before: helpers.setNoCheckServerTrustMode,
|
||||
func: function(resolve, reject) { cordova.plugin.http.post('https://self-signed.badssl.com/', { test: 'testString' }, {}, resolve, reject); },
|
||||
validationFunc: function(driver, result) {
|
||||
result.type.should.be.equal('rejected');
|
||||
@ -121,7 +121,7 @@ const tests = [
|
||||
{
|
||||
description: 'should accept bad cert (PATCH)',
|
||||
expected: 'rejected: {"status":405, ... // will be rejected because PATCH is not allowed',
|
||||
before: helpers.setNoCheckCertMode,
|
||||
before: helpers.setNoCheckServerTrustMode,
|
||||
func: function(resolve, reject) { cordova.plugin.http.patch('https://self-signed.badssl.com/', { test: 'testString' }, {}, resolve, reject); },
|
||||
validationFunc: function(driver, result) {
|
||||
result.type.should.be.equal('rejected');
|
||||
@ -131,7 +131,7 @@ const tests = [
|
||||
{
|
||||
description: 'should accept bad cert (DELETE)',
|
||||
expected: 'rejected: {"status":405, ... // will be rejected because DELETE is not allowed',
|
||||
before: helpers.setNoCheckCertMode,
|
||||
before: helpers.setNoCheckServerTrustMode,
|
||||
func: function(resolve, reject) { cordova.plugin.http.delete('https://self-signed.badssl.com/', {}, {}, resolve, reject); },
|
||||
validationFunc: function(driver, result) {
|
||||
result.type.should.be.equal('rejected');
|
||||
@ -141,7 +141,7 @@ const tests = [
|
||||
{
|
||||
description: 'should fetch data from http://httpbin.org/ (GET)',
|
||||
expected: 'resolved: {"status":200, ...',
|
||||
before: helpers.setNoCheckCertMode,
|
||||
before: helpers.setNoCheckServerTrustMode,
|
||||
func: function(resolve, reject) { cordova.plugin.http.get('http://httpbin.org/', {}, {}, resolve, reject); },
|
||||
validationFunc: function(driver, result) {
|
||||
result.type.should.be.equal('resolved');
|
||||
@ -468,7 +468,7 @@ const tests = [
|
||||
{
|
||||
description: 'should pin SSL cert correctly (GET)',
|
||||
expected: 'resolved: {"status": 200 ...',
|
||||
before: helpers.setPinnedCertMode,
|
||||
before: helpers.setPinnedServerTrustMode,
|
||||
func: function(resolve, reject) {
|
||||
cordova.plugin.http.get('https://httpbin.org', {}, {}, resolve, reject);
|
||||
},
|
||||
@ -480,7 +480,7 @@ const tests = [
|
||||
{
|
||||
description: 'should reject when pinned cert does not match received server cert (GET)',
|
||||
expected: 'rejected: {"status": -2 ...',
|
||||
before: helpers.setPinnedCertMode,
|
||||
before: helpers.setPinnedServerTrustMode,
|
||||
func: function(resolve, reject) {
|
||||
cordova.plugin.http.get('https://sha512.badssl.com/', {}, {}, resolve, reject);
|
||||
},
|
||||
|
@ -1,7 +1,7 @@
|
||||
module.exports = function init(cookieHandler, messages) {
|
||||
var validSerializers = ['urlencoded', 'json', 'utf8'];
|
||||
var validCertModes = ['default', 'nocheck', 'pinned', 'legacy'];
|
||||
var validClientAuthModes = ['none', 'systemstore', 'bundle'];
|
||||
var validClientAuthModes = ['none', 'systemstore', 'file'];
|
||||
var validHttpMethods = ['get', 'put', 'post', 'patch', 'head', 'delete', 'upload', 'download'];
|
||||
|
||||
return {
|
||||
|
@ -12,7 +12,9 @@ module.exports = function init(exec, cookieHandler, urlUtil, helpers, globalConf
|
||||
getCookieString: getCookieString,
|
||||
getRequestTimeout: getRequestTimeout,
|
||||
setRequestTimeout: setRequestTimeout,
|
||||
setSSLCertMode: setSSLCertMode,
|
||||
// for being backward compatible
|
||||
setSSLCertMode: setServerTrustMode,
|
||||
setServerTrustMode: setServerTrustMode,
|
||||
setClientAuthMode: setClientAuthMode,
|
||||
disableRedirect: disableRedirect,
|
||||
sendRequest: sendRequest,
|
||||
@ -89,15 +91,34 @@ module.exports = function init(exec, cookieHandler, urlUtil, helpers, globalConf
|
||||
globalConfigs.timeout = timeout;
|
||||
}
|
||||
|
||||
function setSSLCertMode(mode, success, failure) {
|
||||
return exec(success, failure, 'CordovaHttpPlugin', 'setSSLCertMode', [helpers.checkSSLCertMode(mode)]);
|
||||
function setServerTrustMode(mode, success, failure) {
|
||||
helpers.handleMissingCallbacks(success, failure);
|
||||
|
||||
return exec(success, failure, 'CordovaHttpPlugin', 'setServerTrustMode', [helpers.checkSSLCertMode(mode)]);
|
||||
}
|
||||
|
||||
function setClientAuthMode(mode, success, failure) {
|
||||
return exec(success, failure, 'CordovaHttpPlugin', 'setClientAuthMode', [helpers.checkClientAuthMode(mode)]);
|
||||
function setClientAuthMode() {
|
||||
// filePath is an optional param
|
||||
var mode = arguments[0];
|
||||
var success = arguments[1];
|
||||
var failure = arguments[2];
|
||||
var filePath = null;
|
||||
|
||||
if (arguments.length === 4) {
|
||||
mode = arguments[0];
|
||||
filePath = arguments[1];
|
||||
success = arguments[2];
|
||||
failure = arguments[3];
|
||||
}
|
||||
|
||||
helpers.handleMissingCallbacks(success, failure);
|
||||
|
||||
return exec(success, failure, 'CordovaHttpPlugin', 'setClientAuthMode', [helpers.checkClientAuthMode(mode), filePath]);
|
||||
}
|
||||
|
||||
function disableRedirect(disable, success, failure) {
|
||||
helpers.handleMissingCallbacks(success, failure);
|
||||
|
||||
return exec(success, failure, 'CordovaHttpPlugin', 'disableRedirect', [!!disable]);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user