- some cleanup

- deprecate "setSSLCertMode" in favor of "setServerTrustMode"
Sefa Ilkimen 2019-04-05 16:26:04 +02:00
parent 8d28f4ab80
commit d977392a49
10 changed files with 71 additions and 41 deletions


@ -1,5 +1,9 @@
# Changelog
## 2.0.8
- :warning: **Deprecation**: Deprecated "setSSLCertMode" in favor of "setServerTrustMode"
## 2.0.7
- Fixed #195: URLs are double-encoded on Android


@ -128,13 +128,13 @@ cordova.plugin.http.clearCookies();
## Asynchronous Functions
These functions all take success and error callbacks as their last 2 arguments.
### setSSLCertMode<a name="setSSLCertMode"></a>
Set SSL Cert handling mode, being one of the following values:
### setServerTrustMode<a name="setServerTrustMode"></a>
Set server trust mode, being one of the following values:
* `default`: default SSL cert handling using system's CA certs
* `default`: default SSL trustship and hostname verification handling using system's CA certs
* `legacy`: use legacy default behavior (< 2.0.3), excluding user installed CA certs (only for Android)
* `nocheck`: disable SSL cert checking, trusting all certs (meant to be used only for testing purposes)
* `pinned`: trust only provided certs
* `nocheck`: disable SSL certificate checking and hostname verification, trusting all certs (meant to be used only for testing purposes)
* `pinned`: trust only provided certificates
To use SSL pinning you must include at least one `.cer` SSL certificate in your app project. You can pin to your server certificate or to one of the issuing CA certificates. Include your certificate in the `www/certificates` folder. All `.cer` files found there will be loaded automatically.
@ -142,32 +142,38 @@ To use SSL pinning you must include at least one `.cer` SSL certificate in your
```js
// enable SSL pinning
cordova.plugin.http.setSSLCertMode('pinned', function() {
cordova.plugin.http.setServerTrustMode('pinned', function() {
console.log('success!');
}, function() {
console.log('error :(');
});
// use system's default CA certs
cordova.plugin.http.setSSLCertMode('default', function() {
cordova.plugin.http.setServerTrustMode('default', function() {
console.log('success!');
}, function() {
console.log('error :(');
});
// disable SSL cert checking, only meant for testing purposes, do NOT use in production!
cordova.plugin.http.setSSLCertMode('nocheck', function() {
cordova.plugin.http.setServerTrustMode('nocheck', function() {
console.log('success!');
}, function() {
console.log('error :(');
});
```
### setSSLCertMode (deprecated)
This function was deprecated in 2.0.8. Use ["setServerTrustMode"](#setServerTrustMode) instead.
### enableSSLPinning (obsolete)
This function was removed in 2.0.0. Use ["setSSLCertMode"](#setSSLCertMode) to enable SSL pinning (mode "pinned").
This function was removed in 2.0.0. Use ["setServerTrustMode"](#setServerTrustMode) to enable SSL pinning (mode "pinned").
### acceptAllCerts (obsolete)
This function was removed in 2.0.0. Use ["setSSLCertMode"](#setSSLCertMode) to disable checking certs (mode "nocheck").
This function was removed in 2.0.0. Use ["setServerTrustMode"](#setServerTrustMode) to disable checking certs (mode "nocheck").
### validateDomainName (obsolete)
This function was removed in v1.6.2. Domain name validation is disabled automatically when you set server trust mode to "nocheck".
### disableRedirect
If set to `true`, it won't follow redirects automatically. This defaults to false.
@ -180,9 +186,6 @@ cordova.plugin.http.disableRedirect(true, function() {
});
```
### validateDomainName (obsolete)
This function was removed in v1.6.2. Domain name validation is disabled automatically when you set SSL cert mode to "nocheck".
### removeCookies
Remove all cookies associated with a given URL.


@ -21,15 +21,17 @@ class CordovaClientAuth implements Runnable, KeyChainAliasCallback {
private static final String TAG = "Cordova-Plugin-HTTP";
private String mode;
private String filePath;
private Activity activity;
private Context context;
private TLSConfiguration tlsConfiguration;
private CallbackContext callbackContext;
public CordovaClientAuth(final String mode, final Activity activity, final Context context,
public CordovaClientAuth(final String mode, final String filePath, final Activity activity, final Context context,
final TLSConfiguration configContainer, final CallbackContext callbackContext) {
this.mode = mode;
this.filePath = filePath;
this.activity = activity;
this.tlsConfiguration = configContainer;
this.context = context;
@ -42,7 +44,7 @@ class CordovaClientAuth implements Runnable, KeyChainAliasCallback {
case "systemstore":
KeyChain.choosePrivateKeyAlias(this.activity, this, null, null, null, -1, null);
break;
case "bundle":
case "file":
// @todo use pfx in bundle
this.callbackContext.error("Not implemented, yet");
break;


@ -68,8 +68,8 @@ public class CordovaHttpPlugin extends CordovaPlugin {
return this.uploadFile(args, callbackContext);
case "downloadFile":
return this.downloadFile(args, callbackContext);
case "setSSLCertMode":
return this.setSSLCertMode(args, callbackContext);
case "setServerTrustMode":
return this.setServerTrustMode(args, callbackContext);
case "setClientAuthMode":
return this.setClientAuthMode(args, callbackContext);
case "disableRedirect":
@ -140,7 +140,7 @@ public class CordovaHttpPlugin extends CordovaPlugin {
return true;
}
private boolean setSSLCertMode(final JSONArray args, final CallbackContext callbackContext) throws JSONException {
private boolean setServerTrustMode(final JSONArray args, final CallbackContext callbackContext) throws JSONException {
CordovaServerTrust runnable = new CordovaServerTrust(args.getString(0), this.cordova.getActivity(),
this.tlsConfiguration, callbackContext);
@ -150,7 +150,7 @@ public class CordovaHttpPlugin extends CordovaPlugin {
}
private boolean setClientAuthMode(final JSONArray args, final CallbackContext callbackContext) throws JSONException {
CordovaClientAuth runnable = new CordovaClientAuth(args.getString(0), this.cordova.getActivity(),
CordovaClientAuth runnable = new CordovaClientAuth(args.getString(0), args.getString(1), this.cordova.getActivity(),
this.cordova.getContext(), this.tlsConfiguration, callbackContext);
cordova.getThreadPool().execute(runnable);
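Review bot: `args.getString(1)` in `setClientAuthMode` is read unconditionally, but the JS wrapper changed in this commit sends `null` for `filePath` whenever the caller omits it. As far as I recall, Android's org.json `getString` returns a JSON null as the literal string "null" rather than Java `null`, so `CordovaClientAuth` would receive a non-null path; this is worth confirming on a device. I would read the argument as `final String filePath = args.isNull(1) ? null : args.getString(1);` and pass `filePath` to the constructor. The method body continues past the end of the hunk.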


@ -28,8 +28,8 @@ public class TLSSocketFactory extends SSLSocketFactory {
}
@Override
public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
return enableTLSOnSocket(delegate.createSocket(s, host, port, autoClose));
public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException {
return enableTLSOnSocket(delegate.createSocket(socket, host, port, autoClose));
}
@Override


@ -4,7 +4,7 @@
@interface CordovaHttpPlugin : CDVPlugin
- (void)setSSLCertMode:(CDVInvokedUrlCommand*)command;
- (void)setServerTrustMode:(CDVInvokedUrlCommand*)command;
- (void)disableRedirect:(CDVInvokedUrlCommand*)command;
- (void)post:(CDVInvokedUrlCommand*)command;
- (void)get:(CDVInvokedUrlCommand*)command;


@ -126,7 +126,7 @@
return headerFieldsCopy;
}
- (void)setSSLCertMode:(CDVInvokedUrlCommand*)command {
- (void)setServerTrustMode:(CDVInvokedUrlCommand*)command {
NSString *certMode = [command.arguments objectAtIndex:0];
if ([certMode isEqualToString: @"default"] || [certMode isEqualToString: @"legacy"]) {


@ -1,14 +1,14 @@
const hooks = {
onBeforeEachTest: function(done) {
cordova.plugin.http.clearCookies();
helpers.setDefaultCertMode(done);
helpers.setDefaultServerTrustMode(done);
}
};
const helpers = {
setDefaultCertMode: function(done) { cordova.plugin.http.setSSLCertMode('default', done, done); },
setNoCheckCertMode: function(done) { cordova.plugin.http.setSSLCertMode('nocheck', done, done); },
setPinnedCertMode: function(done) { cordova.plugin.http.setSSLCertMode('pinned', done, done); },
setDefaultServerTrustMode: function(done) { cordova.plugin.http.setServerTrustMode('default', done, done); },
setNoCheckServerTrustMode: function(done) { cordova.plugin.http.setServerTrustMode('nocheck', done, done); },
setPinnedServerTrustMode: function(done) { cordova.plugin.http.setServerTrustMode('pinned', done, done); },
setJsonSerializer: function(done) { done(cordova.plugin.http.setDataSerializer('json')); },
setUtf8StringSerializer: function(done) { done(cordova.plugin.http.setDataSerializer('utf8')); },
setUrlEncodedSerializer: function(done) { done(cordova.plugin.http.setDataSerializer('urlencoded')); },
@ -91,7 +91,7 @@ const tests = [
{
description: 'should accept bad cert (GET)',
expected: 'resolved: {"status":200, ...',
before: helpers.setNoCheckCertMode,
before: helpers.setNoCheckServerTrustMode,
func: function(resolve, reject) { cordova.plugin.http.get('https://self-signed.badssl.com/', {}, {}, resolve, reject); },
validationFunc: function(driver, result) {
result.type.should.be.equal('resolved');
@ -101,7 +101,7 @@ const tests = [
{
description: 'should accept bad cert (PUT)',
expected: 'rejected: {"status":405, ... // will be rejected because PUT is not allowed',
before: helpers.setNoCheckCertMode,
before: helpers.setNoCheckServerTrustMode,
func: function(resolve, reject) { cordova.plugin.http.put('https://self-signed.badssl.com/', { test: 'testString' }, {}, resolve, reject); },
validationFunc: function(driver, result) {
result.type.should.be.equal('rejected');
@ -111,7 +111,7 @@ const tests = [
{
description: 'should accept bad cert (POST)',
expected: 'rejected: {"status":405, ... // will be rejected because POST is not allowed',
before: helpers.setNoCheckCertMode,
before: helpers.setNoCheckServerTrustMode,
func: function(resolve, reject) { cordova.plugin.http.post('https://self-signed.badssl.com/', { test: 'testString' }, {}, resolve, reject); },
validationFunc: function(driver, result) {
result.type.should.be.equal('rejected');
@ -121,7 +121,7 @@ const tests = [
{
description: 'should accept bad cert (PATCH)',
expected: 'rejected: {"status":405, ... // will be rejected because PATCH is not allowed',
before: helpers.setNoCheckCertMode,
before: helpers.setNoCheckServerTrustMode,
func: function(resolve, reject) { cordova.plugin.http.patch('https://self-signed.badssl.com/', { test: 'testString' }, {}, resolve, reject); },
validationFunc: function(driver, result) {
result.type.should.be.equal('rejected');
@ -131,7 +131,7 @@ const tests = [
{
description: 'should accept bad cert (DELETE)',
expected: 'rejected: {"status":405, ... // will be rejected because DELETE is not allowed',
before: helpers.setNoCheckCertMode,
before: helpers.setNoCheckServerTrustMode,
func: function(resolve, reject) { cordova.plugin.http.delete('https://self-signed.badssl.com/', {}, {}, resolve, reject); },
validationFunc: function(driver, result) {
result.type.should.be.equal('rejected');
@ -141,7 +141,7 @@ const tests = [
{
description: 'should fetch data from http://httpbin.org/ (GET)',
expected: 'resolved: {"status":200, ...',
before: helpers.setNoCheckCertMode,
before: helpers.setNoCheckServerTrustMode,
func: function(resolve, reject) { cordova.plugin.http.get('http://httpbin.org/', {}, {}, resolve, reject); },
validationFunc: function(driver, result) {
result.type.should.be.equal('resolved');
@ -468,7 +468,7 @@ const tests = [
{
description: 'should pin SSL cert correctly (GET)',
expected: 'resolved: {"status": 200 ...',
before: helpers.setPinnedCertMode,
before: helpers.setPinnedServerTrustMode,
func: function(resolve, reject) {
cordova.plugin.http.get('https://httpbin.org', {}, {}, resolve, reject);
},
@ -480,7 +480,7 @@ const tests = [
{
description: 'should reject when pinned cert does not match received server cert (GET)',
expected: 'rejected: {"status": -2 ...',
before: helpers.setPinnedCertMode,
before: helpers.setPinnedServerTrustMode,
func: function(resolve, reject) {
cordova.plugin.http.get('https://sha512.badssl.com/', {}, {}, resolve, reject);
},


@ -1,7 +1,7 @@
module.exports = function init(cookieHandler, messages) {
var validSerializers = ['urlencoded', 'json', 'utf8'];
var validCertModes = ['default', 'nocheck', 'pinned', 'legacy'];
var validClientAuthModes = ['none', 'systemstore', 'bundle'];
var validClientAuthModes = ['none', 'systemstore', 'file'];
var validHttpMethods = ['get', 'put', 'post', 'patch', 'head', 'delete', 'upload', 'download'];
return {


@ -12,7 +12,9 @@ module.exports = function init(exec, cookieHandler, urlUtil, helpers, globalConf
getCookieString: getCookieString,
getRequestTimeout: getRequestTimeout,
setRequestTimeout: setRequestTimeout,
setSSLCertMode: setSSLCertMode,
// for being backward compatible
setSSLCertMode: setServerTrustMode,
setServerTrustMode: setServerTrustMode,
setClientAuthMode: setClientAuthMode,
disableRedirect: disableRedirect,
sendRequest: sendRequest,
@ -89,15 +91,34 @@ module.exports = function init(exec, cookieHandler, urlUtil, helpers, globalConf
globalConfigs.timeout = timeout;
}
function setSSLCertMode(mode, success, failure) {
return exec(success, failure, 'CordovaHttpPlugin', 'setSSLCertMode', [helpers.checkSSLCertMode(mode)]);
function setServerTrustMode(mode, success, failure) {
helpers.handleMissingCallbacks(success, failure);
return exec(success, failure, 'CordovaHttpPlugin', 'setServerTrustMode', [helpers.checkSSLCertMode(mode)]);
}
function setClientAuthMode(mode, success, failure) {
return exec(success, failure, 'CordovaHttpPlugin', 'setClientAuthMode', [helpers.checkClientAuthMode(mode)]);
function setClientAuthMode() {
// filePath is an optional param
var mode = arguments[0];
var success = arguments[1];
var failure = arguments[2];
var filePath = null;
if (arguments.length === 4) {
mode = arguments[0];
filePath = arguments[1];
success = arguments[2];
failure = arguments[3];
}
helpers.handleMissingCallbacks(success, failure);
return exec(success, failure, 'CordovaHttpPlugin', 'setClientAuthMode', [helpers.checkClientAuthMode(mode), filePath]);
}
function disableRedirect(disable, success, failure) {
helpers.handleMissingCallbacks(success, failure);
return exec(success, failure, 'CordovaHttpPlugin', 'disableRedirect', [!!disable]);
}
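Review bot: `setClientAuthMode` decides whether `filePath` was supplied purely from `arguments.length === 4`, so a three-argument call such as `(mode, filePath, success)` binds the path to `success`, and `filePath` is forwarded to native code without any type check. I would validate it before `exec`, for example `if (mode === 'file' && typeof filePath !== 'string') throw new Error('filePath must be a string');`, and drop the redundant `mode = arguments[0];` inside the branch. Separately, the `setSSLCertMode` alias is silent. Because the same setter can select `nocheck`, a one-time `console.warn` naming `setServerTrustMode` would help integrators find and review the call sites that change trust settings.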