mirror of
https://github.com/silkimen/cordova-plugin-advanced-http.git
synced 2026-02-22 00:00:04 +08:00
Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
66b7a31bc6 | ||
|
|
83e903b409 | ||
|
|
5ed4dce809 | ||
|
|
872b5fa013 | ||
|
|
75296f0734 | ||
|
|
978708890b | ||
|
|
4fc676cc67 | ||
|
|
0b01dc8b69 | ||
|
|
0d67760abb |
15
README.md
15
README.md
@@ -55,7 +55,9 @@ Set a header for all future requests. Takes a header and a value.
|
||||
});
|
||||
|
||||
### enableSSLPinning
|
||||
Enable or disable SSL pinning. To use SSL pinning you must include at least one .cer SSL certificate in your app project. For ios include your certificate in the root level of your bundle (just add the .cer file to your project/target at the root level). For android include your certificate in your project's platforms/android/assets folder. In both cases all .cer files found will be loaded automatically. If you only have a .pem certificate see this [stackoverflow answer](http://stackoverflow.com/a/16583429/3182729). You want to convert it to a DER encoded certificate with a .cer extension.
|
||||
Enable or disable SSL pinning. To use SSL pinning you must include at least one .cer SSL certificate in your app project. You can pin to your server certificate or to one of the issuing CA certificates. For ios include your certificate in the root level of your bundle (just add the .cer file to your project/target at the root level). For android include your certificate in your project's platforms/android/assets folder. In both cases all .cer files found will be loaded automatically. If you only have a .pem certificate see this [stackoverflow answer](http://stackoverflow.com/a/16583429/3182729). You want to convert it to a DER encoded certificate with a .cer extension.
|
||||
|
||||
As an alternative, you can store your .cer files in the www/certificates folder.
|
||||
|
||||
cordovaHTTP.enableSSLPinning(true, function() {
|
||||
console.log('success!');
|
||||
@@ -165,6 +167,17 @@ This plugin utilizes some awesome open source networking libraries. These are b
|
||||
|
||||
We made a few modifications to http-request. They can be found in a separate repo here: https://github.com/wymsee/http-request
|
||||
|
||||
## Limitations
|
||||
|
||||
This plugin isn't equivalent to using XMLHttpRequest or Ajax calls in Javascript.
|
||||
For instance, the following features are currently not supported:
|
||||
|
||||
- cookies support (a cookie set by a request isn't sent in subsequent requests)
|
||||
- read content of error responses (only the HTTP status code and message are returned)
|
||||
- read returned HTTP headers (e.g. in case security tokens are returned as headers)
|
||||
|
||||
Take this into account when using this plugin into your application.
|
||||
|
||||
## License
|
||||
|
||||
The MIT License
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
<plugin xmlns="http://www.phonegap.com/ns/plugins/1.0"
|
||||
xmlns:android="http://schemas.android.com/apk/res/android"
|
||||
id="com.synconset.cordovaHTTP"
|
||||
version="0.1.3">
|
||||
version="0.1.4">
|
||||
|
||||
<name>SSL Pinning</name>
|
||||
|
||||
@@ -14,7 +14,7 @@
|
||||
<engine name="cordova" version=">=3.0.0" />
|
||||
</engines>
|
||||
|
||||
<dependency id="org.apache.cordova.file" commit="r0.2.5" />
|
||||
<dependency id="org.apache.cordova.file" url="https://github.com/apache/cordova-plugin-file" commit="r0.2.5" />
|
||||
|
||||
<js-module src="www/cordovaHTTP.js" name="CordovaHttpPlugin">
|
||||
<clobbers target="plugins.CordovaHttpPlugin" />
|
||||
|
||||
@@ -39,9 +39,9 @@ import com.github.kevinsawicki.http.HttpRequest;
|
||||
|
||||
public class CordovaHttpPlugin extends CordovaPlugin {
|
||||
private static final String TAG = "CordovaHTTP";
|
||||
|
||||
|
||||
private HashMap<String, String> globalHeaders;
|
||||
|
||||
|
||||
@Override
|
||||
public void initialize(CordovaInterface cordova, CordovaWebView webView) {
|
||||
super.initialize(cordova, webView);
|
||||
@@ -118,11 +118,11 @@ public class CordovaHttpPlugin extends CordovaPlugin {
|
||||
loginInfo = "Basic " + Base64.encodeToString(loginInfo.getBytes(), Base64.NO_WRAP);
|
||||
this.globalHeaders.put("Authorization", loginInfo);
|
||||
}
|
||||
|
||||
|
||||
private void setHeader(String header, String value) {
|
||||
this.globalHeaders.put(header, value);
|
||||
}
|
||||
|
||||
|
||||
private void enableSSLPinning(boolean enable) throws GeneralSecurityException, IOException {
|
||||
if (enable) {
|
||||
AssetManager assetManager = cordova.getActivity().getAssets();
|
||||
@@ -137,7 +137,18 @@ public class CordovaHttpPlugin extends CordovaPlugin {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// scan the www/certificates folder for .cer files as well
|
||||
files = assetManager.list("www/certificates");
|
||||
for (int i = 0; i < files.length; i++) {
|
||||
index = files[i].lastIndexOf('.');
|
||||
if (index != -1) {
|
||||
if (files[i].substring(index).equals(".cer")) {
|
||||
cerFiles.add("www/certificates/" + files[i]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
for (int i = 0; i < cerFiles.size(); i++) {
|
||||
InputStream in = cordova.getActivity().getAssets().open(cerFiles.get(i));
|
||||
InputStream caInput = new BufferedInputStream(in);
|
||||
@@ -148,22 +159,22 @@ public class CordovaHttpPlugin extends CordovaPlugin {
|
||||
CordovaHttp.enableSSLPinning(false);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
private HashMap<String, String> addToMap(HashMap<String, String> map, JSONObject object) throws JSONException {
|
||||
HashMap<String, String> newMap = (HashMap<String, String>)map.clone();
|
||||
Iterator<?> i = object.keys();
|
||||
|
||||
|
||||
while (i.hasNext()) {
|
||||
String key = (String)i.next();
|
||||
newMap.put(key, object.getString(key));
|
||||
}
|
||||
return newMap;
|
||||
}
|
||||
|
||||
|
||||
private HashMap<String, Object> getMapFromJSONObject(JSONObject object) throws JSONException {
|
||||
HashMap<String, Object> map = new HashMap<String, Object>();
|
||||
Iterator<?> i = object.keys();
|
||||
|
||||
|
||||
while(i.hasNext()) {
|
||||
String key = (String)i.next();
|
||||
map.put(key, object.get(key));
|
||||
|
||||
@@ -179,12 +179,17 @@ static NSArray * AFPublicKeyTrustChainForServerTrust(SecTrustRef serverTrust) {
|
||||
dispatch_once(&onceToken, ^{
|
||||
NSBundle *bundle = [NSBundle bundleForClass:[self class]];
|
||||
NSArray *paths = [bundle pathsForResourcesOfType:@"cer" inDirectory:@"."];
|
||||
|
||||
NSMutableArray *certificates = [NSMutableArray arrayWithCapacity:[paths count]];
|
||||
for (NSString *path in paths) {
|
||||
NSData *certificateData = [NSData dataWithContentsOfFile:path];
|
||||
[certificates addObject:certificateData];
|
||||
}
|
||||
// also add certs from www/certificates
|
||||
paths = [bundle pathsForResourcesOfType:@"cer" inDirectory:@"www/certificates"];
|
||||
for (NSString *path in paths) {
|
||||
NSData *certificateData = [NSData dataWithContentsOfFile:path];
|
||||
[certificates addObject:certificateData];
|
||||
}
|
||||
|
||||
_defaultPinnedCertificates = [[NSArray alloc] initWithArray:certificates];
|
||||
});
|
||||
|
||||
4
www/cordovaHTTP.js
vendored
4
www/cordovaHTTP.js
vendored
@@ -63,6 +63,8 @@ var http = {
|
||||
}
|
||||
};
|
||||
|
||||
module.exports = http;
|
||||
|
||||
if (typeof angular !== "undefined") {
|
||||
angular.module('cordovaHTTP', []).factory('cordovaHTTP', function($timeout, $q) {
|
||||
function makePromise(fn, args, async) {
|
||||
@@ -126,4 +128,4 @@ if (typeof angular !== "undefined") {
|
||||
});
|
||||
} else {
|
||||
window.cordovaHTTP = http;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user