From 8e4bfdbc700fefff269cb2dfd5155bfc4dc7aa5f Mon Sep 17 00:00:00 2001
From: Sefa Ilkimen <sefa.ilkimen@mobisys.de>
Date: Fri, 25 May 2018 18:45:10 +0200
Subject: [PATCH] remove explicit host name verification setting on Android

---
 .../github/kevinsawicki/http/HttpRequest.java    | 16 +++-------------
 .../synconset/cordovahttp/CordovaHttpPlugin.java |  4 ----
 2 files changed, 3 insertions(+), 17 deletions(-)

diff --git a/src/android/com/github/kevinsawicki/http/HttpRequest.java b/src/android/com/github/kevinsawicki/http/HttpRequest.java
index 6171c2c..1fe0e4a 100644
--- a/src/android/com/github/kevinsawicki/http/HttpRequest.java
+++ b/src/android/com/github/kevinsawicki/http/HttpRequest.java
@@ -302,10 +302,13 @@ public class HttpRequest {
     try {
       if (mode == CERT_MODE_TRUSTALL) {
         SOCKET_FACTORY = createSocketFactory(getNoopTrustManagers());
+        HOSTNAME_VERIFIER = getTrustedVerifier();
       } else if (mode == CERT_MODE_PINNED) {
         SOCKET_FACTORY = createSocketFactory(getPinnedTrustManagers());
+        HOSTNAME_VERIFIER = null;
       } else {
         SOCKET_FACTORY = null;
+        HOSTNAME_VERIFIER = null;
       }
 
       CURRENT_CERT_MODE = mode;
@@ -314,19 +317,6 @@ public class HttpRequest {
     }
   }
 
-  /**
-   * Configure host name verification for all future HTTPS connections
-   *
-   * @param enabled
-   */
-  public static void setHostnameVerification(boolean enabled) {
-    if (enabled) {
-      HOSTNAME_VERIFIER = null;
-    } else {
-      HOSTNAME_VERIFIER = getTrustedVerifier();
-    }
-  }
-
   private static TrustManager[] getPinnedTrustManagers() throws IOException {
     if (PINNED_CERTS == null) {
       throw new IOException("You must add at least 1 certificate in order to pin to certificates");
diff --git a/src/android/com/synconset/cordovahttp/CordovaHttpPlugin.java b/src/android/com/synconset/cordovahttp/CordovaHttpPlugin.java
index 250b180..9a497f5 100644
--- a/src/android/com/synconset/cordovahttp/CordovaHttpPlugin.java
+++ b/src/android/com/synconset/cordovahttp/CordovaHttpPlugin.java
@@ -100,10 +100,8 @@ public class CordovaHttpPlugin extends CordovaPlugin {
 
             if (accept) {
               HttpRequest.setSSLCertMode(HttpRequest.CERT_MODE_TRUSTALL);
-              HttpRequest.setHostnameVerification(false);
             } else {
               HttpRequest.setSSLCertMode(HttpRequest.CERT_MODE_DEFAULT);
-              HttpRequest.setHostnameVerification(true);
             }
 
             callbackContext.success();
@@ -169,10 +167,8 @@ public class CordovaHttpPlugin extends CordovaPlugin {
             }
 
             HttpRequest.setSSLCertMode(HttpRequest.CERT_MODE_PINNED);
-            HttpRequest.setHostnameVerification(true);
         } else {
             HttpRequest.setSSLCertMode(HttpRequest.CERT_MODE_DEFAULT);
-            HttpRequest.setHostnameVerification(true);
         }
     }
 }