mirror of
https://github.com/silkimen/cordova-plugin-advanced-http.git
synced 2026-01-31 00:00:03 +08:00
re-implement disabling verification of hostname
This commit is contained in:
Sefa Ilkimen
@@ -62,6 +62,7 @@
|
||||
<source-file src="src/android/com/silkimen/cordovahttp/CordovaHttpPlugin.java" target-dir="src/com/silkimen/cordovahttp"/>
|
||||
<source-file src="src/android/com/silkimen/cordovahttp/CordovaHttpResponse.java" target-dir="src/com/silkimen/cordovahttp"/>
|
||||
<source-file src="src/android/com/silkimen/cordovahttp/CordovaHttpUpload.java" target-dir="src/com/silkimen/cordovahttp"/>
|
||||
<source-file src="src/android/com/silkimen/http/HostnameVerifierFactory.java" target-dir="src/com/silkimen/http"/>
|
||||
<source-file src="src/android/com/silkimen/http/HttpBodyDecoder.java" target-dir="src/com/silkimen/http"/>
|
||||
<source-file src="src/android/com/silkimen/http/HttpRequest.java" target-dir="src/com/silkimen/http"/>
|
||||
<source-file src="src/android/com/silkimen/http/JsonUtils.java" target-dir="src/com/silkimen/http"/>
|
||||
|
||||
@@ -7,6 +7,7 @@ import java.net.UnknownHostException;
|
||||
|
||||
import java.nio.ByteBuffer;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLHandshakeException;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
|
||||
@@ -34,9 +35,11 @@ abstract class CordovaHttpBase implements Runnable {
|
||||
protected int timeout;
|
||||
protected boolean followRedirects;
|
||||
protected SSLSocketFactory customSSLSocketFactory;
|
||||
protected HostnameVerifier customHostnameVerifier;
|
||||
protected CallbackContext callbackContext;
|
||||
|
||||
public CordovaHttpBase(String method, String url, String serializer, Object data, JSONObject headers, int timeout, boolean followRedirects, SSLSocketFactory customSSLSocketFactory,
|
||||
public CordovaHttpBase(String method, String url, String serializer, Object data, JSONObject headers, int timeout,
|
||||
boolean followRedirects, SSLSocketFactory customSSLSocketFactory, HostnameVerifier customHostnameVerifier,
|
||||
CallbackContext callbackContext) {
|
||||
|
||||
this.method = method;
|
||||
@@ -47,11 +50,12 @@ abstract class CordovaHttpBase implements Runnable {
|
||||
this.timeout = timeout;
|
||||
this.followRedirects = followRedirects;
|
||||
this.customSSLSocketFactory = customSSLSocketFactory;
|
||||
this.customHostnameVerifier = customHostnameVerifier;
|
||||
this.callbackContext = callbackContext;
|
||||
}
|
||||
|
||||
|
||||
public CordovaHttpBase(String method, String url, JSONObject params, JSONObject headers, int timeout, boolean followRedirects, SSLSocketFactory customSSLSocketFactory,
|
||||
public CordovaHttpBase(String method, String url, JSONObject params, JSONObject headers, int timeout,
|
||||
boolean followRedirects, SSLSocketFactory customSSLSocketFactory, HostnameVerifier customHostnameVerifier,
|
||||
CallbackContext callbackContext) {
|
||||
|
||||
this.method = method;
|
||||
@@ -61,6 +65,7 @@ abstract class CordovaHttpBase implements Runnable {
|
||||
this.timeout = timeout;
|
||||
this.followRedirects = followRedirects;
|
||||
this.customSSLSocketFactory = customSSLSocketFactory;
|
||||
this.customHostnameVerifier = customHostnameVerifier;
|
||||
this.callbackContext = callbackContext;
|
||||
}
|
||||
|
||||
@@ -121,6 +126,10 @@ abstract class CordovaHttpBase implements Runnable {
|
||||
request.acceptCharset("UTF-8");
|
||||
request.uncompress(true);
|
||||
|
||||
if (this.customHostnameVerifier != null) {
|
||||
request.setHostnameVerifier(this.customHostnameVerifier);
|
||||
}
|
||||
|
||||
if (this.customSSLSocketFactory != null) {
|
||||
request.setSSLSocketFactory(this.customSSLSocketFactory);
|
||||
}
|
||||
|
||||
@@ -3,6 +3,7 @@ package com.silkimen.cordovahttp;
|
||||
import java.io.File;
|
||||
import java.net.URI;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
|
||||
import com.silkimen.http.HttpRequest;
|
||||
@@ -15,9 +16,11 @@ class CordovaHttpDownload extends CordovaHttpBase {
|
||||
private String filePath;
|
||||
|
||||
public CordovaHttpDownload(String url, JSONObject params, JSONObject headers, String filePath, int timeout,
|
||||
boolean followRedirects, SSLSocketFactory customSSLSocketFactory, CallbackContext callbackContext) {
|
||||
boolean followRedirects, SSLSocketFactory customSSLSocketFactory, HostnameVerifier customHostnameVerifier,
|
||||
CallbackContext callbackContext) {
|
||||
|
||||
super("GET", url, params, headers, timeout, followRedirects, customSSLSocketFactory, callbackContext);
|
||||
super("GET", url, params, headers, timeout, followRedirects, customSSLSocketFactory, customHostnameVerifier,
|
||||
callbackContext);
|
||||
this.filePath = filePath;
|
||||
}
|
||||
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
package com.silkimen.cordovahttp;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
|
||||
import org.apache.cordova.CallbackContext;
|
||||
@@ -7,14 +8,18 @@ import org.json.JSONObject;
|
||||
|
||||
class CordovaHttpOperation extends CordovaHttpBase {
|
||||
public CordovaHttpOperation(String method, String url, String serializer, Object data, JSONObject headers,
|
||||
int timeout, boolean followRedirects, SSLSocketFactory customSSLSocketFactory, CallbackContext callbackContext) {
|
||||
int timeout, boolean followRedirects, SSLSocketFactory customSSLSocketFactory,
|
||||
HostnameVerifier customHostnameVerifier, CallbackContext callbackContext) {
|
||||
|
||||
super(method, url, serializer, data, headers, timeout, followRedirects, customSSLSocketFactory, callbackContext);
|
||||
super(method, url, serializer, data, headers, timeout, followRedirects, customSSLSocketFactory,
|
||||
customHostnameVerifier, callbackContext);
|
||||
}
|
||||
|
||||
public CordovaHttpOperation(String method, String url, JSONObject params, JSONObject headers, int timeout,
|
||||
boolean followRedirects, SSLSocketFactory customSSLSocketFactory, CallbackContext callbackContext) {
|
||||
boolean followRedirects, SSLSocketFactory customSSLSocketFactory, HostnameVerifier customHostnameVerifier,
|
||||
CallbackContext callbackContext) {
|
||||
|
||||
super(method, url, params, headers, timeout, followRedirects, customSSLSocketFactory, callbackContext);
|
||||
super(method, url, params, headers, timeout, followRedirects, customSSLSocketFactory, customHostnameVerifier,
|
||||
callbackContext);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -14,10 +14,12 @@ import java.security.cert.Certificate;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Enumeration;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
import javax.net.ssl.TrustManager;
|
||||
|
||||
import com.silkimen.http.HostnameVerifierFactory;
|
||||
import com.silkimen.http.TLSSocketFactory;
|
||||
import com.silkimen.http.TrustManagersFactory;
|
||||
|
||||
@@ -35,16 +37,17 @@ import android.util.Log;
|
||||
public class CordovaHttpPlugin extends CordovaPlugin {
|
||||
private static final String TAG = "Cordova-Plugin-HTTP";
|
||||
|
||||
private final TrustManagersFactory trustManagersFactory = new TrustManagersFactory();
|
||||
private final HostnameVerifierFactory hostnameVerifierFactory = new HostnameVerifierFactory();
|
||||
|
||||
private boolean followRedirects = true;
|
||||
private TrustManagersFactory trustManagersFactory;
|
||||
private SSLSocketFactory customSSLSocketFactory;
|
||||
private HostnameVerifier customHostnameVerifier;
|
||||
|
||||
@Override
|
||||
public void initialize(CordovaInterface cordova, CordovaWebView webView) {
|
||||
super.initialize(cordova, webView);
|
||||
|
||||
this.trustManagersFactory = new TrustManagersFactory();
|
||||
|
||||
try {
|
||||
this.customSSLSocketFactory = this.createSocketFactory(
|
||||
this.trustManagersFactory.getPinnedTrustManagers(this.getCertsFromKeyStore("AndroidCAStore")));
|
||||
@@ -96,7 +99,7 @@ public class CordovaHttpPlugin extends CordovaPlugin {
|
||||
int timeout = args.getInt(3) * 1000;
|
||||
|
||||
CordovaHttpOperation request = new CordovaHttpOperation(method.toUpperCase(), url, params, headers, timeout,
|
||||
this.followRedirects, this.customSSLSocketFactory, callbackContext);
|
||||
this.followRedirects, this.customSSLSocketFactory, this.customHostnameVerifier, callbackContext);
|
||||
|
||||
cordova.getThreadPool().execute(request);
|
||||
|
||||
@@ -113,7 +116,7 @@ public class CordovaHttpPlugin extends CordovaPlugin {
|
||||
int timeout = args.getInt(4) * 1000;
|
||||
|
||||
CordovaHttpOperation request = new CordovaHttpOperation(method.toUpperCase(), url, serializer, data, headers,
|
||||
timeout, this.followRedirects, this.customSSLSocketFactory, callbackContext);
|
||||
timeout, this.followRedirects, this.customSSLSocketFactory, this.customHostnameVerifier, callbackContext);
|
||||
|
||||
cordova.getThreadPool().execute(request);
|
||||
|
||||
@@ -129,7 +132,7 @@ public class CordovaHttpPlugin extends CordovaPlugin {
|
||||
int timeout = args.getInt(5) * 1000;
|
||||
|
||||
CordovaHttpUpload upload = new CordovaHttpUpload(url, params, headers, filePath, uploadName, timeout,
|
||||
this.followRedirects, this.customSSLSocketFactory, callbackContext);
|
||||
this.followRedirects, this.customSSLSocketFactory, this.customHostnameVerifier, callbackContext);
|
||||
|
||||
cordova.getThreadPool().execute(upload);
|
||||
|
||||
@@ -144,7 +147,7 @@ public class CordovaHttpPlugin extends CordovaPlugin {
|
||||
int timeout = args.getInt(4) * 1000;
|
||||
|
||||
CordovaHttpDownload download = new CordovaHttpDownload(url, params, headers, filePath, timeout,
|
||||
this.followRedirects, this.customSSLSocketFactory, callbackContext);
|
||||
this.followRedirects, this.customSSLSocketFactory, this.customHostnameVerifier, callbackContext);
|
||||
|
||||
cordova.getThreadPool().execute(download);
|
||||
|
||||
@@ -155,19 +158,22 @@ public class CordovaHttpPlugin extends CordovaPlugin {
|
||||
try {
|
||||
switch (args.getString(0)) {
|
||||
case "legacy":
|
||||
this.customHostnameVerifier = null;
|
||||
this.customSSLSocketFactory = null;
|
||||
break;
|
||||
case "nocheck":
|
||||
/* @TODO host name verification */
|
||||
this.customHostnameVerifier = this.hostnameVerifierFactory.getNoOpVerifier();
|
||||
this.customSSLSocketFactory = this.createSocketFactory(this.trustManagersFactory.getNoopTrustManagers());
|
||||
break;
|
||||
case "pinned":
|
||||
this.customHostnameVerifier = null;
|
||||
this.customSSLSocketFactory = this.createSocketFactory(
|
||||
this.trustManagersFactory.getPinnedTrustManagers(this.getCertsFromBundle("www/certificates/")));
|
||||
this.trustManagersFactory.getPinnedTrustManagers(this.getCertsFromBundle("www/certificates")));
|
||||
break;
|
||||
default:
|
||||
this.customHostnameVerifier = null;
|
||||
this.customSSLSocketFactory = this.createSocketFactory(
|
||||
this.trustManagersFactory.getPinnedTrustManagers(this.getCertsFromKeyStore("AndroidCAStore")));
|
||||
this.trustManagersFactory.getPinnedTrustManagers(this.getCertsFromKeyStore("AndroidCAStore")));
|
||||
break;
|
||||
}
|
||||
|
||||
@@ -218,7 +224,7 @@ public class CordovaHttpPlugin extends CordovaPlugin {
|
||||
continue;
|
||||
}
|
||||
|
||||
certList.add(cf.generateCertificate(assetManager.open(path + files[i])));
|
||||
certList.add(cf.generateCertificate(assetManager.open(path + "/" + files[i])));
|
||||
}
|
||||
|
||||
return certList;
|
||||
|
||||
@@ -7,6 +7,7 @@ import com.silkimen.http.HttpRequest;
|
||||
import java.io.File;
|
||||
import java.net.URI;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLSocketFactory;
|
||||
|
||||
import org.apache.cordova.CallbackContext;
|
||||
@@ -17,9 +18,11 @@ class CordovaHttpUpload extends CordovaHttpBase {
|
||||
private String uploadName;
|
||||
|
||||
public CordovaHttpUpload(String url, JSONObject params, JSONObject headers, String filePath, String uploadName,
|
||||
int timeout, boolean followRedirects, SSLSocketFactory customSSLSocketFactory, CallbackContext callbackContext) {
|
||||
int timeout, boolean followRedirects, SSLSocketFactory customSSLSocketFactory,
|
||||
HostnameVerifier customHostnameVerifier, CallbackContext callbackContext) {
|
||||
|
||||
super("POST", url, params, headers, timeout, followRedirects, customSSLSocketFactory, callbackContext);
|
||||
super("POST", url, params, headers, timeout, followRedirects, customSSLSocketFactory, customHostnameVerifier,
|
||||
callbackContext);
|
||||
this.filePath = filePath;
|
||||
this.uploadName = uploadName;
|
||||
}
|
||||
|
||||
@@ -1,12 +1,13 @@
|
||||
package com.silkimen.http;
|
||||
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.SSLSession;
|
||||
|
||||
public class HostnameVerfifierFactory {
|
||||
private final HostnameVerifier noOpVerififer;
|
||||
public class HostnameVerifierFactory {
|
||||
private final HostnameVerifier noOpVerifier;
|
||||
|
||||
public HostnameVerifierFactory() {
|
||||
this.noOpVerififer = new HostnameVerifier() {
|
||||
this.noOpVerifier = new HostnameVerifier() {
|
||||
public boolean verify(String hostname, SSLSession session) {
|
||||
return true;
|
||||
}
|
||||
@@ -14,6 +15,6 @@ public class HostnameVerfifierFactory {
|
||||
}
|
||||
|
||||
public HostnameVerifier getNoOpVerifier() {
|
||||
return this.noOpVerififer;
|
||||
return this.noOpVerifier;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user