diff --git a/CHANGELOG.md b/CHANGELOG.md
index 186abbd..64693bb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
# Changelog
+## 2.0.8
+
+- :warning: **Deprecation**: Deprecated "setSSLCertMode" in favor of "setServerTrustMode"
+
## 2.0.7
- Fixed #195: URLs are double-encoded on Android
diff --git a/README.md b/README.md
index 83a31ca..16eca22 100644
--- a/README.md
+++ b/README.md
@@ -128,13 +128,13 @@ cordova.plugin.http.clearCookies();
## Asynchronous Functions
These functions all take success and error callbacks as their last 2 arguments.
-### setSSLCertMode
-Set SSL Cert handling mode, being one of the following values:
+### setServerTrustMode
+Set server trust mode, being one of the following values:
-* `default`: default SSL cert handling using system's CA certs
+* `default`: default SSL trustship and hostname verification handling using system's CA certs
* `legacy`: use legacy default behavior (< 2.0.3), excluding user installed CA certs (only for Android)
-* `nocheck`: disable SSL cert checking, trusting all certs (meant to be used only for testing purposes)
-* `pinned`: trust only provided certs
+* `nocheck`: disable SSL certificate checking and hostname verification, trusting all certs (meant to be used only for testing purposes)
+* `pinned`: trust only provided certificates
To use SSL pinning you must include at least one `.cer` SSL certificate in your app project. You can pin to your server certificate or to one of the issuing CA certificates. Include your certificate in the `www/certificates` folder. All `.cer` files found there will be loaded automatically.
@@ -142,32 +142,38 @@ To use SSL pinning you must include at least one `.cer` SSL certificate in your
```js
// enable SSL pinning
-cordova.plugin.http.setSSLCertMode('pinned', function() {
+cordova.plugin.http.setServerTrustMode('pinned', function() {
console.log('success!');
}, function() {
console.log('error :(');
});
// use system's default CA certs
-cordova.plugin.http.setSSLCertMode('default', function() {
+cordova.plugin.http.setServerTrustMode('default', function() {
console.log('success!');
}, function() {
console.log('error :(');
});
// disable SSL cert checking, only meant for testing purposes, do NOT use in production!
-cordova.plugin.http.setSSLCertMode('nocheck', function() {
+cordova.plugin.http.setServerTrustMode('nocheck', function() {
console.log('success!');
}, function() {
console.log('error :(');
});
```
+### setSSLCertMode (deprecated)
+This function was deprecated in 2.0.8. Use ["setServerTrustMode"](#setServerTrustMode) instead.
+
### enableSSLPinning (obsolete)
-This function was removed in 2.0.0. Use ["setSSLCertMode"](#setSSLCertMode) to enable SSL pinning (mode "pinned").
+This function was removed in 2.0.0. Use ["setServerTrustMode"](#setServerTrustMode) to enable SSL pinning (mode "pinned").
### acceptAllCerts (obsolete)
-This function was removed in 2.0.0. Use ["setSSLCertMode"](#setSSLCertMode) to disable checking certs (mode "nocheck").
+This function was removed in 2.0.0. Use ["setServerTrustMode"](#setServerTrustMode) to disable checking certs (mode "nocheck").
+
+### validateDomainName (obsolete)
+This function was removed in v1.6.2. Domain name validation is disabled automatically when you set server trust mode to "nocheck".
### disableRedirect
If set to `true`, it won't follow redirects automatically. This defaults to false.
@@ -180,9 +186,6 @@ cordova.plugin.http.disableRedirect(true, function() {
});
```
-### validateDomainName (obsolete)
-This function was removed in v1.6.2. Domain name validation is disabled automatically when you set SSL cert mode to "nocheck".
-
### removeCookies
Remove all cookies associated with a given URL.
diff --git a/src/android/com/silkimen/cordovahttp/CordovaClientAuth.java b/src/android/com/silkimen/cordovahttp/CordovaClientAuth.java
index f75accd..5897f2a 100644
--- a/src/android/com/silkimen/cordovahttp/CordovaClientAuth.java
+++ b/src/android/com/silkimen/cordovahttp/CordovaClientAuth.java
@@ -21,15 +21,17 @@ class CordovaClientAuth implements Runnable, KeyChainAliasCallback {
private static final String TAG = "Cordova-Plugin-HTTP";
private String mode;
+ private String filePath;
private Activity activity;
private Context context;
private TLSConfiguration tlsConfiguration;
private CallbackContext callbackContext;
- public CordovaClientAuth(final String mode, final Activity activity, final Context context,
+ public CordovaClientAuth(final String mode, final String filePath, final Activity activity, final Context context,
final TLSConfiguration configContainer, final CallbackContext callbackContext) {
this.mode = mode;
+ this.filePath = filePath;
this.activity = activity;
this.tlsConfiguration = configContainer;
this.context = context;
@@ -42,7 +44,7 @@ class CordovaClientAuth implements Runnable, KeyChainAliasCallback {
case "systemstore":
KeyChain.choosePrivateKeyAlias(this.activity, this, null, null, null, -1, null);
break;
- case "bundle":
+ case "file":
// @todo use pfx in bundle
this.callbackContext.error("Not implemented, yet");
break;
diff --git a/src/android/com/silkimen/cordovahttp/CordovaHttpPlugin.java b/src/android/com/silkimen/cordovahttp/CordovaHttpPlugin.java
index 47e848d..96ccde5 100644
--- a/src/android/com/silkimen/cordovahttp/CordovaHttpPlugin.java
+++ b/src/android/com/silkimen/cordovahttp/CordovaHttpPlugin.java
@@ -68,8 +68,8 @@ public class CordovaHttpPlugin extends CordovaPlugin {
return this.uploadFile(args, callbackContext);
case "downloadFile":
return this.downloadFile(args, callbackContext);
- case "setSSLCertMode":
- return this.setSSLCertMode(args, callbackContext);
+ case "setServerTrustMode":
+ return this.setServerTrustMode(args, callbackContext);
case "setClientAuthMode":
return this.setClientAuthMode(args, callbackContext);
case "disableRedirect":
@@ -140,7 +140,7 @@ public class CordovaHttpPlugin extends CordovaPlugin {
return true;
}
- private boolean setSSLCertMode(final JSONArray args, final CallbackContext callbackContext) throws JSONException {
+ private boolean setServerTrustMode(final JSONArray args, final CallbackContext callbackContext) throws JSONException {
CordovaServerTrust runnable = new CordovaServerTrust(args.getString(0), this.cordova.getActivity(),
this.tlsConfiguration, callbackContext);
@@ -150,7 +150,7 @@ public class CordovaHttpPlugin extends CordovaPlugin {
}
private boolean setClientAuthMode(final JSONArray args, final CallbackContext callbackContext) throws JSONException {
- CordovaClientAuth runnable = new CordovaClientAuth(args.getString(0), this.cordova.getActivity(),
+ CordovaClientAuth runnable = new CordovaClientAuth(args.getString(0), args.getString(1), this.cordova.getActivity(),
this.cordova.getContext(), this.tlsConfiguration, callbackContext);
cordova.getThreadPool().execute(runnable);
diff --git a/src/android/com/silkimen/http/TLSSocketFactory.java b/src/android/com/silkimen/http/TLSSocketFactory.java
index bf3a6ea..9bc75b1 100644
--- a/src/android/com/silkimen/http/TLSSocketFactory.java
+++ b/src/android/com/silkimen/http/TLSSocketFactory.java
@@ -28,8 +28,8 @@ public class TLSSocketFactory extends SSLSocketFactory {
}
@Override
- public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
- return enableTLSOnSocket(delegate.createSocket(s, host, port, autoClose));
+ public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException {
+ return enableTLSOnSocket(delegate.createSocket(socket, host, port, autoClose));
}
@Override
diff --git a/src/ios/CordovaHttpPlugin.h b/src/ios/CordovaHttpPlugin.h
index 1a05282..7db8989 100644
--- a/src/ios/CordovaHttpPlugin.h
+++ b/src/ios/CordovaHttpPlugin.h
@@ -4,7 +4,7 @@
@interface CordovaHttpPlugin : CDVPlugin
-- (void)setSSLCertMode:(CDVInvokedUrlCommand*)command;
+- (void)setServerTrustMode:(CDVInvokedUrlCommand*)command;
- (void)disableRedirect:(CDVInvokedUrlCommand*)command;
- (void)post:(CDVInvokedUrlCommand*)command;
- (void)get:(CDVInvokedUrlCommand*)command;
diff --git a/src/ios/CordovaHttpPlugin.m b/src/ios/CordovaHttpPlugin.m
index ce39a6c..b23d3ad 100644
--- a/src/ios/CordovaHttpPlugin.m
+++ b/src/ios/CordovaHttpPlugin.m
@@ -126,7 +126,7 @@
return headerFieldsCopy;
}
-- (void)setSSLCertMode:(CDVInvokedUrlCommand*)command {
+- (void)setServerTrustMode:(CDVInvokedUrlCommand*)command {
NSString *certMode = [command.arguments objectAtIndex:0];
if ([certMode isEqualToString: @"default"] || [certMode isEqualToString: @"legacy"]) {
diff --git a/test/app-test-definitions.js b/test/app-test-definitions.js
index 5986b75..78801de 100644
--- a/test/app-test-definitions.js
+++ b/test/app-test-definitions.js
@@ -1,14 +1,14 @@
const hooks = {
onBeforeEachTest: function(done) {
cordova.plugin.http.clearCookies();
- helpers.setDefaultCertMode(done);
+ helpers.setDefaultServerTrustMode(done);
}
};
const helpers = {
- setDefaultCertMode: function(done) { cordova.plugin.http.setSSLCertMode('default', done, done); },
- setNoCheckCertMode: function(done) { cordova.plugin.http.setSSLCertMode('nocheck', done, done); },
- setPinnedCertMode: function(done) { cordova.plugin.http.setSSLCertMode('pinned', done, done); },
+ setDefaultServerTrustMode: function(done) { cordova.plugin.http.setServerTrustMode('default', done, done); },
+ setNoCheckServerTrustMode: function(done) { cordova.plugin.http.setServerTrustMode('nocheck', done, done); },
+ setPinnedServerTrustMode: function(done) { cordova.plugin.http.setServerTrustMode('pinned', done, done); },
setJsonSerializer: function(done) { done(cordova.plugin.http.setDataSerializer('json')); },
setUtf8StringSerializer: function(done) { done(cordova.plugin.http.setDataSerializer('utf8')); },
setUrlEncodedSerializer: function(done) { done(cordova.plugin.http.setDataSerializer('urlencoded')); },
@@ -91,7 +91,7 @@ const tests = [
{
description: 'should accept bad cert (GET)',
expected: 'resolved: {"status":200, ...',
- before: helpers.setNoCheckCertMode,
+ before: helpers.setNoCheckServerTrustMode,
func: function(resolve, reject) { cordova.plugin.http.get('https://self-signed.badssl.com/', {}, {}, resolve, reject); },
validationFunc: function(driver, result) {
result.type.should.be.equal('resolved');
@@ -101,7 +101,7 @@ const tests = [
{
description: 'should accept bad cert (PUT)',
expected: 'rejected: {"status":405, ... // will be rejected because PUT is not allowed',
- before: helpers.setNoCheckCertMode,
+ before: helpers.setNoCheckServerTrustMode,
func: function(resolve, reject) { cordova.plugin.http.put('https://self-signed.badssl.com/', { test: 'testString' }, {}, resolve, reject); },
validationFunc: function(driver, result) {
result.type.should.be.equal('rejected');
@@ -111,7 +111,7 @@ const tests = [
{
description: 'should accept bad cert (POST)',
expected: 'rejected: {"status":405, ... // will be rejected because POST is not allowed',
- before: helpers.setNoCheckCertMode,
+ before: helpers.setNoCheckServerTrustMode,
func: function(resolve, reject) { cordova.plugin.http.post('https://self-signed.badssl.com/', { test: 'testString' }, {}, resolve, reject); },
validationFunc: function(driver, result) {
result.type.should.be.equal('rejected');
@@ -121,7 +121,7 @@ const tests = [
{
description: 'should accept bad cert (PATCH)',
expected: 'rejected: {"status":405, ... // will be rejected because PATCH is not allowed',
- before: helpers.setNoCheckCertMode,
+ before: helpers.setNoCheckServerTrustMode,
func: function(resolve, reject) { cordova.plugin.http.patch('https://self-signed.badssl.com/', { test: 'testString' }, {}, resolve, reject); },
validationFunc: function(driver, result) {
result.type.should.be.equal('rejected');
@@ -131,7 +131,7 @@ const tests = [
{
description: 'should accept bad cert (DELETE)',
expected: 'rejected: {"status":405, ... // will be rejected because DELETE is not allowed',
- before: helpers.setNoCheckCertMode,
+ before: helpers.setNoCheckServerTrustMode,
func: function(resolve, reject) { cordova.plugin.http.delete('https://self-signed.badssl.com/', {}, {}, resolve, reject); },
validationFunc: function(driver, result) {
result.type.should.be.equal('rejected');
@@ -141,7 +141,7 @@ const tests = [
{
description: 'should fetch data from http://httpbin.org/ (GET)',
expected: 'resolved: {"status":200, ...',
- before: helpers.setNoCheckCertMode,
+ before: helpers.setNoCheckServerTrustMode,
func: function(resolve, reject) { cordova.plugin.http.get('http://httpbin.org/', {}, {}, resolve, reject); },
validationFunc: function(driver, result) {
result.type.should.be.equal('resolved');
@@ -468,7 +468,7 @@ const tests = [
{
description: 'should pin SSL cert correctly (GET)',
expected: 'resolved: {"status": 200 ...',
- before: helpers.setPinnedCertMode,
+ before: helpers.setPinnedServerTrustMode,
func: function(resolve, reject) {
cordova.plugin.http.get('https://httpbin.org', {}, {}, resolve, reject);
},
@@ -480,7 +480,7 @@ const tests = [
{
description: 'should reject when pinned cert does not match received server cert (GET)',
expected: 'rejected: {"status": -2 ...',
- before: helpers.setPinnedCertMode,
+ before: helpers.setPinnedServerTrustMode,
func: function(resolve, reject) {
cordova.plugin.http.get('https://sha512.badssl.com/', {}, {}, resolve, reject);
},
diff --git a/www/helpers.js b/www/helpers.js
index 14313b5..9f33c27 100644
--- a/www/helpers.js
+++ b/www/helpers.js
@@ -1,7 +1,7 @@
module.exports = function init(cookieHandler, messages) {
var validSerializers = ['urlencoded', 'json', 'utf8'];
var validCertModes = ['default', 'nocheck', 'pinned', 'legacy'];
- var validClientAuthModes = ['none', 'systemstore', 'bundle'];
+ var validClientAuthModes = ['none', 'systemstore', 'file'];
var validHttpMethods = ['get', 'put', 'post', 'patch', 'head', 'delete', 'upload', 'download'];
return {
diff --git a/www/public-interface.js b/www/public-interface.js
index 0ee9058..aae6fa0 100644
--- a/www/public-interface.js
+++ b/www/public-interface.js
@@ -12,7 +12,9 @@ module.exports = function init(exec, cookieHandler, urlUtil, helpers, globalConf
getCookieString: getCookieString,
getRequestTimeout: getRequestTimeout,
setRequestTimeout: setRequestTimeout,
- setSSLCertMode: setSSLCertMode,
+ // for being backward compatible
+ setSSLCertMode: setServerTrustMode,
+ setServerTrustMode: setServerTrustMode,
setClientAuthMode: setClientAuthMode,
disableRedirect: disableRedirect,
sendRequest: sendRequest,
@@ -89,15 +91,34 @@ module.exports = function init(exec, cookieHandler, urlUtil, helpers, globalConf
globalConfigs.timeout = timeout;
}
- function setSSLCertMode(mode, success, failure) {
- return exec(success, failure, 'CordovaHttpPlugin', 'setSSLCertMode', [helpers.checkSSLCertMode(mode)]);
+ function setServerTrustMode(mode, success, failure) {
+ helpers.handleMissingCallbacks(success, failure);
+
+ return exec(success, failure, 'CordovaHttpPlugin', 'setServerTrustMode', [helpers.checkSSLCertMode(mode)]);
}
- function setClientAuthMode(mode, success, failure) {
- return exec(success, failure, 'CordovaHttpPlugin', 'setClientAuthMode', [helpers.checkClientAuthMode(mode)]);
+ function setClientAuthMode() {
+ // filePath is an optional param
+ var mode = arguments[0];
+ var success = arguments[1];
+ var failure = arguments[2];
+ var filePath = null;
+
+ if (arguments.length === 4) {
+ mode = arguments[0];
+ filePath = arguments[1];
+ success = arguments[2];
+ failure = arguments[3];
+ }
+
+ helpers.handleMissingCallbacks(success, failure);
+
+ return exec(success, failure, 'CordovaHttpPlugin', 'setClientAuthMode', [helpers.checkClientAuthMode(mode), filePath]);
}
function disableRedirect(disable, success, failure) {
+ helpers.handleMissingCallbacks(success, failure);
+
return exec(success, failure, 'CordovaHttpPlugin', 'disableRedirect', [!!disable]);
}