Removed Android unsafe trust manager, fix #593

This commit is contained in:
Lorenzo Pichilli 2022-10-05 17:00:56 +02:00
parent 0579de9f9c
commit 9557612905
4 changed files with 23 additions and 52 deletions

View File

@ -1,3 +1,7 @@
## 5.4.4+3
- Removed Android unsafe trust manager
## 5.4.4+2 ## 5.4.4+2
- Fixed LICENSE - Fixed LICENSE

View File

@ -177,50 +177,12 @@ public class Util {
} }
} }
public static OkHttpClient getUnsafeOkHttpClient() { public static OkHttpClient getBasicOkHttpClient() {
try { return new OkHttpClient.Builder()
// Create a trust manager that does not validate certificate chains .connectTimeout(15, TimeUnit.SECONDS)
final TrustManager[] trustAllCerts = new TrustManager[] { .writeTimeout(15, TimeUnit.SECONDS)
new X509TrustManager() { .readTimeout(15, TimeUnit.SECONDS)
@Override .build();
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) throws CertificateException {
}
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
}
};
// Install the all-trusting trust manager
final SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
// Create an ssl socket factory with our all-trusting manager
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
OkHttpClient.Builder builder = new OkHttpClient.Builder();
builder.sslSocketFactory(sslSocketFactory, (X509TrustManager)trustAllCerts[0]);
builder.hostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
OkHttpClient okHttpClient = builder
.connectTimeout(15, TimeUnit.SECONDS)
.writeTimeout(15, TimeUnit.SECONDS)
.readTimeout(15, TimeUnit.SECONDS)
.build();
return okHttpClient;
} catch (Exception e) {
throw new RuntimeException(e);
}
} }
/** /**

View File

@ -2,7 +2,6 @@ package com.pichillilorenzo.flutter_inappwebview.content_blocker;
import android.os.Build; import android.os.Build;
import android.os.Handler; import android.os.Handler;
import android.os.Looper;
import android.util.Log; import android.util.Log;
import android.webkit.WebResourceResponse; import android.webkit.WebResourceResponse;
@ -21,6 +20,8 @@ import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.CountDownLatch; import java.util.concurrent.CountDownLatch;
import java.util.regex.Matcher; import java.util.regex.Matcher;
import javax.net.ssl.SSLHandshakeException;
import okhttp3.Request; import okhttp3.Request;
import okhttp3.Response; import okhttp3.Response;
@ -181,7 +182,7 @@ public class ContentBlockerHandler {
Response response = null; Response response = null;
try { try {
response = Util.getUnsafeOkHttpClient().newCall(mRequest).execute(); response = Util.getBasicOkHttpClient().newCall(mRequest).execute();
byte[] dataBytes = response.body().bytes(); byte[] dataBytes = response.body().bytes();
InputStream dataStream = new ByteArrayInputStream(dataBytes); InputStream dataStream = new ByteArrayInputStream(dataBytes);
@ -198,12 +199,14 @@ public class ContentBlockerHandler {
return new WebResourceResponse(contentType, encoding, dataStream); return new WebResourceResponse(contentType, encoding, dataStream);
} catch (Exception e) { } catch (Exception e) {
e.printStackTrace();
if (response != null) { if (response != null) {
response.body().close(); response.body().close();
response.close(); response.close();
} }
Log.e(LOG_TAG, e.getMessage()); if (!(e instanceof SSLHandshakeException)) {
e.printStackTrace();
Log.e(LOG_TAG, e.getMessage());
}
} }
} }
break; break;
@ -231,7 +234,7 @@ public class ContentBlockerHandler {
Request mRequest = new Request.Builder().url(url).head().build(); Request mRequest = new Request.Builder().url(url).head().build();
Response response = null; Response response = null;
try { try {
response = Util.getUnsafeOkHttpClient().newCall(mRequest).execute(); response = Util.getBasicOkHttpClient().newCall(mRequest).execute();
if (response.header("content-type") != null) { if (response.header("content-type") != null) {
String[] contentTypeSplitted = response.header("content-type").split(";"); String[] contentTypeSplitted = response.header("content-type").split(";");
@ -251,8 +254,10 @@ public class ContentBlockerHandler {
response.body().close(); response.body().close();
response.close(); response.close();
} }
e.printStackTrace(); if (!(e instanceof SSLHandshakeException)) {
Log.e(LOG_TAG, e.getMessage()); e.printStackTrace();
Log.e(LOG_TAG, e.getMessage());
}
} }
} }
return responseResourceType; return responseResourceType;

View File

@ -1,6 +1,6 @@
name: flutter_inappwebview name: flutter_inappwebview
description: A Flutter plugin that allows you to add an inline webview, to use an headless webview, and to open an in-app browser window. description: A Flutter plugin that allows you to add an inline webview, to use an headless webview, and to open an in-app browser window.
version: 5.4.4+2 version: 5.4.4+3
homepage: https://github.com/pichillilorenzo/flutter_inappwebview homepage: https://github.com/pichillilorenzo/flutter_inappwebview
environment: environment: