- some cleanup

- deprecate "setSSLCertMode" in favor of "setServerTrustMode"
2026-04-24 00:00:03 +08:00 · 2019-04-05 16:26:04 +02:00
parent 8d28f4ab80
commit d977392a49
10 changed files with 71 additions and 41 deletions
@@ -1,5 +1,9 @@
 # Changelog
 ## 2.0.8
 - :warning: **Deprecation**: Deprecated "setSSLCertMode" in favor of "setServerTrustMode"
 ## 2.0.7
 - Fixed #195: URLs are double-encoded on Android
@@ -128,13 +128,13 @@ cordova.plugin.http.clearCookies();
 ## Asynchronous Functions
 These functions all take success and error callbacks as their last 2 arguments.
-### setSSLCertMode<a name="setSSLCertMode"></a>
+### setServerTrustMode<a name="setServerTrustMode"></a>
-Set SSL Cert handling mode, being one of the following values:
+Set server trust mode, being one of the following values:
-* `default`: default SSL cert handling using system's CA certs
+* `default`: default SSL trustship and hostname verification handling using system's CA certs
 * `legacy`: use legacy default behavior (< 2.0.3), excluding user installed CA certs (only for Android)
-* `nocheck`: disable SSL cert checking, trusting all certs (meant to be used only for testing purposes)
+* `nocheck`: disable SSL certificate checking and hostname verification, trusting all certs (meant to be used only for testing purposes)
-* `pinned`: trust only provided certs
+* `pinned`: trust only provided certificates
 To use SSL pinning you must include at least one `.cer` SSL certificate in your app project.  You can pin to your server certificate or to one of the issuing CA certificates. Include your certificate in the `www/certificates` folder. All `.cer` files found there will be loaded automatically.
@@ -142,32 +142,38 @@ To use SSL pinning you must include at least one `.cer` SSL certificate in your
 ```js
 // enable SSL pinning
-cordova.plugin.http.setSSLCertMode('pinned', function() {
+cordova.plugin.http.setServerTrustMode('pinned', function() {
  console.log('success!');
 }, function() {
  console.log('error :(');
 });
 // use system's default CA certs
-cordova.plugin.http.setSSLCertMode('default', function() {
+cordova.plugin.http.setServerTrustMode('default', function() {
  console.log('success!');
 }, function() {
  console.log('error :(');
 });
 // disable SSL cert checking, only meant for testing purposes, do NOT use in production!
-cordova.plugin.http.setSSLCertMode('nocheck', function() {
+cordova.plugin.http.setServerTrustMode('nocheck', function() {
  console.log('success!');
 }, function() {
  console.log('error :(');
 });
 ```
 ### setSSLCertMode (deprecated)
 This function was deprecated in 2.0.8. Use ["setServerTrustMode"](#setServerTrustMode) instead.
 ### enableSSLPinning (obsolete)
-This function was removed in 2.0.0. Use ["setSSLCertMode"](#setSSLCertMode) to enable SSL pinning (mode "pinned").
+This function was removed in 2.0.0. Use ["setServerTrustMode"](#setServerTrustMode) to enable SSL pinning (mode "pinned").
 ### acceptAllCerts (obsolete)
-This function was removed in 2.0.0. Use ["setSSLCertMode"](#setSSLCertMode) to disable checking certs (mode "nocheck").
+This function was removed in 2.0.0. Use ["setServerTrustMode"](#setServerTrustMode) to disable checking certs (mode "nocheck").
 ### validateDomainName (obsolete)
 This function was removed in v1.6.2. Domain name validation is disabled automatically when you set server trust mode to "nocheck".
 ### disableRedirect
 If set to `true`, it won't follow redirects automatically. This defaults to false.
@@ -180,9 +186,6 @@ cordova.plugin.http.disableRedirect(true, function() {
 });
 ```
 ### validateDomainName (obsolete)
 This function was removed in v1.6.2. Domain name validation is disabled automatically when you set SSL cert mode to "nocheck".
 ### removeCookies
 Remove all cookies associated with a given URL.
@@ -21,15 +21,17 @@ class CordovaClientAuth implements Runnable, KeyChainAliasCallback {
  private static final String TAG = "Cordova-Plugin-HTTP";
  private String mode;
  private String filePath;
  private Activity activity;
  private Context context;
  private TLSConfiguration tlsConfiguration;
  private CallbackContext callbackContext;
-  public CordovaClientAuth(final String mode, final Activity activity, final Context context,
+  public CordovaClientAuth(final String mode, final String filePath, final Activity activity, final Context context,
      final TLSConfiguration configContainer, final CallbackContext callbackContext) {
    this.mode = mode;
    this.filePath = filePath;
    this.activity = activity;
    this.tlsConfiguration = configContainer;
    this.context = context;
@@ -42,7 +44,7 @@ class CordovaClientAuth implements Runnable, KeyChainAliasCallback {
    case "systemstore":
      KeyChain.choosePrivateKeyAlias(this.activity, this, null, null, null, -1, null);
      break;
-    case "bundle":
+    case "file":
      // @todo use pfx in bundle
      this.callbackContext.error("Not implemented, yet");
      break;
@@ -68,8 +68,8 @@ public class CordovaHttpPlugin extends CordovaPlugin {
      return this.uploadFile(args, callbackContext);
    case "downloadFile":
      return this.downloadFile(args, callbackContext);
-    case "setSSLCertMode":
+    case "setServerTrustMode":
-      return this.setSSLCertMode(args, callbackContext);
+      return this.setServerTrustMode(args, callbackContext);
    case "setClientAuthMode":
      return this.setClientAuthMode(args, callbackContext);
    case "disableRedirect":
@@ -140,7 +140,7 @@ public class CordovaHttpPlugin extends CordovaPlugin {
    return true;
  }
-  private boolean setSSLCertMode(final JSONArray args, final CallbackContext callbackContext) throws JSONException {
+  private boolean setServerTrustMode(final JSONArray args, final CallbackContext callbackContext) throws JSONException {
    CordovaServerTrust runnable = new CordovaServerTrust(args.getString(0), this.cordova.getActivity(),
        this.tlsConfiguration, callbackContext);
@@ -150,7 +150,7 @@ public class CordovaHttpPlugin extends CordovaPlugin {
  }
  private boolean setClientAuthMode(final JSONArray args, final CallbackContext callbackContext) throws JSONException {
-    CordovaClientAuth runnable = new CordovaClientAuth(args.getString(0), this.cordova.getActivity(),
+    CordovaClientAuth runnable = new CordovaClientAuth(args.getString(0), args.getString(1), this.cordova.getActivity(),
        this.cordova.getContext(), this.tlsConfiguration, callbackContext);
    cordova.getThreadPool().execute(runnable);
@@ -28,8 +28,8 @@ public class TLSSocketFactory extends SSLSocketFactory {
  }
  @Override
-  public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
+  public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException {
-    return enableTLSOnSocket(delegate.createSocket(s, host, port, autoClose));
+    return enableTLSOnSocket(delegate.createSocket(socket, host, port, autoClose));
  }
  @Override
@@ -4,7 +4,7 @@
@interface CordovaHttpPlugin : CDVPlugin
- (void)setSSLCertMode:(CDVInvokedUrlCommand*)command;
+- (void)setServerTrustMode:(CDVInvokedUrlCommand*)command;
 - (void)disableRedirect:(CDVInvokedUrlCommand*)command;
 - (void)post:(CDVInvokedUrlCommand*)command;
 - (void)get:(CDVInvokedUrlCommand*)command;
@@ -126,7 +126,7 @@
    return headerFieldsCopy;
 }
- (void)setSSLCertMode:(CDVInvokedUrlCommand*)command {
+- (void)setServerTrustMode:(CDVInvokedUrlCommand*)command {
    NSString *certMode = [command.arguments objectAtIndex:0];
    if ([certMode isEqualToString: @"default"] || [certMode isEqualToString: @"legacy"]) {
@@ -1,14 +1,14 @@
 const hooks = {
  onBeforeEachTest: function(done) {
    cordova.plugin.http.clearCookies();
-    helpers.setDefaultCertMode(done);
+    helpers.setDefaultServerTrustMode(done);
  }
 };
 const helpers = {
-  setDefaultCertMode: function(done) { cordova.plugin.http.setSSLCertMode('default', done, done); },
+  setDefaultServerTrustMode: function(done) { cordova.plugin.http.setServerTrustMode('default', done, done); },
-  setNoCheckCertMode: function(done) { cordova.plugin.http.setSSLCertMode('nocheck', done, done); },
+  setNoCheckServerTrustMode: function(done) { cordova.plugin.http.setServerTrustMode('nocheck', done, done); },
-  setPinnedCertMode: function(done) { cordova.plugin.http.setSSLCertMode('pinned', done, done); },
+  setPinnedServerTrustMode: function(done) { cordova.plugin.http.setServerTrustMode('pinned', done, done); },
  setJsonSerializer: function(done) { done(cordova.plugin.http.setDataSerializer('json')); },
  setUtf8StringSerializer: function(done) { done(cordova.plugin.http.setDataSerializer('utf8')); },
  setUrlEncodedSerializer: function(done) { done(cordova.plugin.http.setDataSerializer('urlencoded')); },
@@ -91,7 +91,7 @@ const tests = [
  {
    description: 'should accept bad cert (GET)',
    expected: 'resolved: {"status":200, ...',
-    before: helpers.setNoCheckCertMode,
+    before: helpers.setNoCheckServerTrustMode,
    func: function(resolve, reject) { cordova.plugin.http.get('https://self-signed.badssl.com/', {}, {}, resolve, reject); },
    validationFunc: function(driver, result) {
      result.type.should.be.equal('resolved');
@@ -101,7 +101,7 @@ const tests = [
  {
    description: 'should accept bad cert (PUT)',
    expected: 'rejected: {"status":405, ... // will be rejected because PUT is not allowed',
-    before: helpers.setNoCheckCertMode,
+    before: helpers.setNoCheckServerTrustMode,
    func: function(resolve, reject) { cordova.plugin.http.put('https://self-signed.badssl.com/', { test: 'testString' }, {}, resolve, reject); },
    validationFunc: function(driver, result) {
      result.type.should.be.equal('rejected');
@@ -111,7 +111,7 @@ const tests = [
  {
    description: 'should accept bad cert (POST)',
    expected: 'rejected: {"status":405, ... // will be rejected because POST is not allowed',
-    before: helpers.setNoCheckCertMode,
+    before: helpers.setNoCheckServerTrustMode,
    func: function(resolve, reject) { cordova.plugin.http.post('https://self-signed.badssl.com/', { test: 'testString' }, {}, resolve, reject); },
    validationFunc: function(driver, result) {
      result.type.should.be.equal('rejected');
@@ -121,7 +121,7 @@ const tests = [
  {
    description: 'should accept bad cert (PATCH)',
    expected: 'rejected: {"status":405, ... // will be rejected because PATCH is not allowed',
-    before: helpers.setNoCheckCertMode,
+    before: helpers.setNoCheckServerTrustMode,
    func: function(resolve, reject) { cordova.plugin.http.patch('https://self-signed.badssl.com/', { test: 'testString' }, {}, resolve, reject); },
    validationFunc: function(driver, result) {
      result.type.should.be.equal('rejected');
@@ -131,7 +131,7 @@ const tests = [
  {
    description: 'should accept bad cert (DELETE)',
    expected: 'rejected: {"status":405, ... // will be rejected because DELETE is not allowed',
-    before: helpers.setNoCheckCertMode,
+    before: helpers.setNoCheckServerTrustMode,
    func: function(resolve, reject) { cordova.plugin.http.delete('https://self-signed.badssl.com/', {}, {}, resolve, reject); },
    validationFunc: function(driver, result) {
      result.type.should.be.equal('rejected');
@@ -141,7 +141,7 @@ const tests = [
  {
    description: 'should fetch data from http://httpbin.org/ (GET)',
    expected: 'resolved: {"status":200, ...',
-    before: helpers.setNoCheckCertMode,
+    before: helpers.setNoCheckServerTrustMode,
    func: function(resolve, reject) { cordova.plugin.http.get('http://httpbin.org/', {}, {}, resolve, reject); },
    validationFunc: function(driver, result) {
      result.type.should.be.equal('resolved');
@@ -468,7 +468,7 @@ const tests = [
  {
    description: 'should pin SSL cert correctly (GET)',
    expected: 'resolved: {"status": 200 ...',
-    before: helpers.setPinnedCertMode,
+    before: helpers.setPinnedServerTrustMode,
    func: function(resolve, reject) {
      cordova.plugin.http.get('https://httpbin.org', {}, {}, resolve, reject);
    },
@@ -480,7 +480,7 @@ const tests = [
  {
    description: 'should reject when pinned cert does not match received server cert (GET)',
    expected: 'rejected: {"status": -2 ...',
-    before: helpers.setPinnedCertMode,
+    before: helpers.setPinnedServerTrustMode,
    func: function(resolve, reject) {
      cordova.plugin.http.get('https://sha512.badssl.com/', {}, {}, resolve, reject);
    },
@@ -1,7 +1,7 @@
 module.exports = function init(cookieHandler, messages) {
  var validSerializers = ['urlencoded', 'json', 'utf8'];
  var validCertModes = ['default', 'nocheck', 'pinned', 'legacy'];
-  var validClientAuthModes = ['none', 'systemstore', 'bundle'];
+  var validClientAuthModes = ['none', 'systemstore', 'file'];
  var validHttpMethods = ['get', 'put', 'post', 'patch', 'head', 'delete', 'upload', 'download'];
  return {
@@ -12,7 +12,9 @@ module.exports = function init(exec, cookieHandler, urlUtil, helpers, globalConf
    getCookieString: getCookieString,
    getRequestTimeout: getRequestTimeout,
    setRequestTimeout: setRequestTimeout,
-    setSSLCertMode: setSSLCertMode,
+    // for being backward compatible
    setSSLCertMode: setServerTrustMode,
    setServerTrustMode: setServerTrustMode,
    setClientAuthMode: setClientAuthMode,
    disableRedirect: disableRedirect,
    sendRequest: sendRequest,
@@ -89,15 +91,34 @@ module.exports = function init(exec, cookieHandler, urlUtil, helpers, globalConf
    globalConfigs.timeout = timeout;
  }
-  function setSSLCertMode(mode, success, failure) {
+  function setServerTrustMode(mode, success, failure) {
-    return exec(success, failure, 'CordovaHttpPlugin', 'setSSLCertMode', [helpers.checkSSLCertMode(mode)]);
+    helpers.handleMissingCallbacks(success, failure);
    return exec(success, failure, 'CordovaHttpPlugin', 'setServerTrustMode', [helpers.checkSSLCertMode(mode)]);
  }
-  function setClientAuthMode(mode, success, failure) {
+  function setClientAuthMode() {
-    return exec(success, failure, 'CordovaHttpPlugin', 'setClientAuthMode', [helpers.checkClientAuthMode(mode)]);
+    // filePath is an optional param
    var mode = arguments[0];
    var success = arguments[1];
    var failure = arguments[2];
    var filePath = null;
    if (arguments.length === 4) {
      mode = arguments[0];
      filePath = arguments[1];
      success = arguments[2];
      failure = arguments[3];
    }
    helpers.handleMissingCallbacks(success, failure);
    return exec(success, failure, 'CordovaHttpPlugin', 'setClientAuthMode', [helpers.checkClientAuthMode(mode), filePath]);
  }
  function disableRedirect(disable, success, failure) {
    helpers.handleMissingCallbacks(success, failure);
    return exec(success, failure, 'CordovaHttpPlugin', 'disableRedirect', [!!disable]);
  }