From 05191a8c8794fa307b00c6e917b5935e7a1000a2 Mon Sep 17 00:00:00 2001 From: Joonas Kannisto Date: Wed, 23 Oct 2024 11:41:38 +0300 Subject: [PATCH 1/5] Add option to allow SSL errors --- src/http.android.ts | 4 + src/index.d.ts | 6 + src/package.json | 146 +++++++++--------- .../com/klippa/NativeScriptHTTP/Async.java | 47 ++++++ src/typings/android.d.ts | 1 + 5 files changed, 131 insertions(+), 73 deletions(-) diff --git a/src/http.android.ts b/src/http.android.ts index 4a36baf..3d20a6f 100644 --- a/src/http.android.ts +++ b/src/http.android.ts @@ -496,6 +496,10 @@ export function clearCookies() { com.klippa.NativeScriptHTTP.Async.Http.ClearCookies(); } +export function allowSslErrors(allow: boolean) { + com.klippa.NativeScriptHTTP.Async.Http.AllowSslErrors(allow); +} + export function setUserAgent(userAgent?: string) { customUserAgent = userAgent; } diff --git a/src/index.d.ts b/src/index.d.ts index 1192bc8..2cd5d26 100644 --- a/src/index.d.ts +++ b/src/index.d.ts @@ -112,6 +112,12 @@ export declare function setConcurrencyLimits(maxRequests: number, maxRequestsPer */ export declare function clearCookies(): void; +/** + * Allow SSL errors and self-signed certificates + * @param allow true/false + */ +export declare function allowSslErrors(allow: boolean): void; + /** * Set a global user agent. * @param userAgent The new user agent. Set to null to use the default again. diff --git a/src/package.json b/src/package.json index 6a02197..edeccee 100644 --- a/src/package.json +++ b/src/package.json @@ -1,75 +1,75 @@ { - "name": "@klippa/nativescript-http", - "version": "3.0.4", - "description": "The best way to do HTTP requests in NativeScript, a drop-in replacement for the core HTTP with important improvements and additions like proper connection pooling, form data support and certificate pinning", - "main": "http", - "typings": "index.d.ts", - "nativescript": { - "platforms": { - "android": "6.5.0", - "ios": "6.5.0" - } - }, - "repository": { - "type": "git", - "url": "https://github.com/klippa-app/nativescript-http.git" - }, - "scripts": { - "tsc": "npm i && ts-patch install && tsc", - "build": "npm i && ts-patch install && npm run ngcc && npm run ngc", - "build.old": "npm i && ts-patch install && npm run ngcc && npm run ngc", - "tslint": "cd .. && tslint \"**/*.ts\" --config tslint.json --exclude \"**/node_modules/**\" --exclude \"**/typings/**\"", - "ci.tslint": "npm i && ts-patch install && tslint '**/*.ts' --config '../tslint.json' --exclude '**/node_modules/**' --exclude '**/platforms/**' --exclude '**/typings/**'", - "demo.ios": "npm i && ts-patch install && cd ../demo && ns run ios", - "demo.android": "npm i && ts-patch install && cd ../demo && ns run android", - "demo.reset": "cd ../demo && npx rimraf -- hooks node_modules platforms package-lock.json", - "demo-angular.ios": "npm i && ts-patch install && cd ../demo-angular && ns run ios", - "demo-angular.android": "npm i && ts-patch install && cd ../demo-angular && ns run android", - "demo-angular.reset": "cd ../demo-angular && npx rimraf -- hooks node_modules platforms package-lock.json", - "plugin.prepare": "npm run build && cd ../demo && ns plugin remove @klippa/nativescript-http && ns plugin add ../src && cd ../demo-angular && ns plugin remove @klippa/nativescript-http && ns plugin add ../src", - "clean": "npm run demo.reset && npm run demo-angular.reset && npx rimraf -- node_modules package-lock.json && npm i", - "ngcc": "node --max-old-space-size=8192 ./node_modules/.bin/ngcc -p es2015", - "ngc": "node --max-old-space-size=8192 ./node_modules/.bin/ngc" - }, - "keywords": [ - "NativeScript", - "JavaScript", - "Android", - "iOS" - ], - "author": { - "name": "Jeroen Bobbeldijk", - "email": "jeroen@klippa.com" - }, - "bugs": { - "url": "https://github.com/klippa-app/nativescript-http/issues" - }, - "license": "MIT", - "homepage": "https://github.com/klippa-app/nativescript-http", - "devDependencies": { - "@angular/common": "~14.0.0", - "@angular/compiler": "~14.0.0", - "@angular/compiler-cli": "~14.0.0", - "@angular/core": "~14.0.0", - "@nativescript/angular": "~14.0.0", - "@nativescript/core": "~8.2.0", - "@nativescript/types": "~8.2.0", - "@nativescript/webpack": "~5.0.6", - "@angular/router": "~14.0.0", - "@angular/animations": "~14.0.0", - "@angular/forms": "~14.0.0", - "@angular/platform-browser": "~14.0.0", - "prompt": "^1.0.0", - "rimraf": "^2.6.3", - "rxjs": "~7.5.0", - "semver": "^5.6.0", - "ts-patch": "^1.3.0", - "tslint": "6.1.3", - "typescript": "~4.7.0", - "zone.js": "~0.11.5" - }, - "dependencies": { - "ts-node": "9.1.1" - }, - "bootstrapper": "nativescript-plugin-seed" + "name": "@klippa/nativescript-http", + "version": "3.0.5", + "description": "The best way to do HTTP requests in NativeScript, a drop-in replacement for the core HTTP with important improvements and additions like proper connection pooling, form data support and certificate pinning", + "main": "http", + "typings": "index.d.ts", + "nativescript": { + "platforms": { + "android": "6.5.0", + "ios": "6.5.0" + } + }, + "repository": { + "type": "git", + "url": "https://github.com/klippa-app/nativescript-http.git" + }, + "scripts": { + "tsc": "npm i && ts-patch install && tsc", + "build": "npm i && ts-patch install && npm run ngcc && npm run ngc", + "build.old": "npm i && ts-patch install && npm run ngcc && npm run ngc", + "tslint": "cd .. && tslint \"**/*.ts\" --config tslint.json --exclude \"**/node_modules/**\" --exclude \"**/typings/**\"", + "ci.tslint": "npm i && ts-patch install && tslint '**/*.ts' --config '../tslint.json' --exclude '**/node_modules/**' --exclude '**/platforms/**' --exclude '**/typings/**'", + "demo.ios": "npm i && ts-patch install && cd ../demo && ns run ios", + "demo.android": "npm i && ts-patch install && cd ../demo && ns run android", + "demo.reset": "cd ../demo && npx rimraf -- hooks node_modules platforms package-lock.json", + "demo-angular.ios": "npm i && ts-patch install && cd ../demo-angular && ns run ios", + "demo-angular.android": "npm i && ts-patch install && cd ../demo-angular && ns run android", + "demo-angular.reset": "cd ../demo-angular && npx rimraf -- hooks node_modules platforms package-lock.json", + "plugin.prepare": "npm run build && cd ../demo && ns plugin remove @klippa/nativescript-http && ns plugin add ../src && cd ../demo-angular && ns plugin remove @klippa/nativescript-http && ns plugin add ../src", + "clean": "npm run demo.reset && npm run demo-angular.reset && npx rimraf -- node_modules package-lock.json && npm i", + "ngcc": "node --max-old-space-size=8192 ./node_modules/.bin/ngcc -p es2015", + "ngc": "node --max-old-space-size=8192 ./node_modules/.bin/ngc" + }, + "keywords": [ + "NativeScript", + "JavaScript", + "Android", + "iOS" + ], + "author": { + "name": "Jeroen Bobbeldijk", + "email": "jeroen@klippa.com" + }, + "bugs": { + "url": "https://github.com/klippa-app/nativescript-http/issues" + }, + "license": "MIT", + "homepage": "https://github.com/klippa-app/nativescript-http", + "devDependencies": { + "@angular/common": "~14.0.0", + "@angular/compiler": "~14.0.0", + "@angular/compiler-cli": "~14.0.0", + "@angular/core": "~14.0.0", + "@nativescript/angular": "~14.0.0", + "@nativescript/core": "~8.2.0", + "@nativescript/types": "~8.2.0", + "@nativescript/webpack": "~5.0.6", + "@angular/router": "~14.0.0", + "@angular/animations": "~14.0.0", + "@angular/forms": "~14.0.0", + "@angular/platform-browser": "~14.0.0", + "prompt": "^1.0.0", + "rimraf": "^2.6.3", + "rxjs": "~7.5.0", + "semver": "^5.6.0", + "ts-patch": "^1.3.0", + "tslint": "6.1.3", + "typescript": "~4.7.0", + "zone.js": "~0.11.5" + }, + "dependencies": { + "ts-node": "9.1.1" + }, + "bootstrapper": "nativescript-plugin-seed" } diff --git a/src/platforms/android/java/com/klippa/NativeScriptHTTP/Async.java b/src/platforms/android/java/com/klippa/NativeScriptHTTP/Async.java index da9e96b..ddb2ca2 100644 --- a/src/platforms/android/java/com/klippa/NativeScriptHTTP/Async.java +++ b/src/platforms/android/java/com/klippa/NativeScriptHTTP/Async.java @@ -89,6 +89,7 @@ public static class Http { private static MemoryCookieJar cookieJar; private static CertificatePinner.Builder certificatePinnerBuilder; private static ImageParseMethod imageParseMethod = ImageParseMethod.CONTENTTYPE; + private static boolean allowSslErrors = false; public static void InitClient() { if (cookieJar == null) { @@ -96,6 +97,47 @@ public static void InitClient() { } if (client == null) { + if (allowSslErrors) { + // Allow all ssl errors + try { + javax.net.ssl.TrustManager TRUST_ALL_CERTS = new javax.net.ssl.X509TrustManager() { + @Override + public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) { + } + + @Override + public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) { + } + + @Override + public java.security.cert.X509Certificate[] getAcceptedIssuers() { + return new java.security.cert.X509Certificate[] {}; + } + }; + + javax.net.ssl.SSLContext sslContext = javax.net.ssl.SSLContext.getInstance("SSL"); + sslContext.init(null, new javax.net.ssl.TrustManager[] { TRUST_ALL_CERTS }, new java.security.SecureRandom()); + client = new OkHttpClient.Builder() + .writeTimeout(60, TimeUnit.SECONDS) + .readTimeout(60, TimeUnit.SECONDS) + .connectTimeout(60, TimeUnit.SECONDS) + .sslSocketFactory(sslContext.getSocketFactory(), (javax.net.ssl.X509TrustManager) TRUST_ALL_CERTS) + .hostnameVerifier(new javax.net.ssl.HostnameVerifier() { + @Override + public boolean verify(String hostname, javax.net.ssl.SSLSession session) { + return true; + } + }) + .cookieJar(cookieJar) + .build(); + } catch (java.security.KeyManagementException e) { + e.printStackTrace(); + } catch (java.security.NoSuchAlgorithmException e) { + e.printStackTrace(); + } + return; + } + client = new OkHttpClient.Builder() .writeTimeout(60, TimeUnit.SECONDS) .readTimeout(60, TimeUnit.SECONDS) @@ -188,6 +230,11 @@ public static void ClearCookies() { } } + public static void AllowSslErrors(boolean allow) { + allowSslErrors = allow; + InitClient(); + } + public static void SetImageParseMethod(ImageParseMethod newImageParseMethod) { imageParseMethod = newImageParseMethod; } diff --git a/src/typings/android.d.ts b/src/typings/android.d.ts index 1b83891..b19b97c 100644 --- a/src/typings/android.d.ts +++ b/src/typings/android.d.ts @@ -25,6 +25,7 @@ declare module com { public static class: java.lang.Class; public static SetConcurrencyLimits(param0: number, param1: number): void; public static ClearCookies(): void; + public static AllowSslErrors(param0: boolean): void; public static MakeRequest(param0: com.klippa.NativeScriptHTTP.Async.Http.RequestOptions, param1: com.klippa.NativeScriptHTTP.Async.CompleteCallback, param2: any): void; public constructor(); public static InitClient(): void; From 481ccefaf094fe057f58a25d3b6c6ccb8d3b8bf7 Mon Sep 17 00:00:00 2001 From: Joonas Kannisto Date: Thu, 24 Oct 2024 10:36:31 +0300 Subject: [PATCH 2/5] Reset client before setting allowSslErrors value --- README.md | 14 ++ src/index.d.ts | 1 + src/package.json | 146 +++++++++--------- .../com/klippa/NativeScriptHTTP/Async.java | 1 + 4 files changed, 89 insertions(+), 73 deletions(-) diff --git a/README.md b/README.md index e34ce62..e46c330 100644 --- a/README.md +++ b/README.md @@ -483,6 +483,20 @@ certificatePinningAdd("mydomain.com", ["DCU5TkA8n3L8+QM7dyTjfRlxWibigF+1cxMzRhlJ certificatePinningClear(); ``` +### Allow SSL errors and self-signed certificates + +You can allow SSL errors and self-signed certificates if you want. This only works on android devices. + +```typescript +import { allowSslErrors } from "@klippa/nativescript-http"; + +/** + * Allow SSL errors and self-signed certificates + * @param allow true/false + */ +allowSslErrors(true); +``` + ## Roadmap * Cache control * Allowing self signed certificates (WIP in feature/self-signed) diff --git a/src/index.d.ts b/src/index.d.ts index 2cd5d26..66654ee 100644 --- a/src/index.d.ts +++ b/src/index.d.ts @@ -114,6 +114,7 @@ export declare function clearCookies(): void; /** * Allow SSL errors and self-signed certificates + * ** Only Android ** * @param allow true/false */ export declare function allowSslErrors(allow: boolean): void; diff --git a/src/package.json b/src/package.json index edeccee..e80acd4 100644 --- a/src/package.json +++ b/src/package.json @@ -1,75 +1,75 @@ { - "name": "@klippa/nativescript-http", - "version": "3.0.5", - "description": "The best way to do HTTP requests in NativeScript, a drop-in replacement for the core HTTP with important improvements and additions like proper connection pooling, form data support and certificate pinning", - "main": "http", - "typings": "index.d.ts", - "nativescript": { - "platforms": { - "android": "6.5.0", - "ios": "6.5.0" - } - }, - "repository": { - "type": "git", - "url": "https://github.com/klippa-app/nativescript-http.git" - }, - "scripts": { - "tsc": "npm i && ts-patch install && tsc", - "build": "npm i && ts-patch install && npm run ngcc && npm run ngc", - "build.old": "npm i && ts-patch install && npm run ngcc && npm run ngc", - "tslint": "cd .. && tslint \"**/*.ts\" --config tslint.json --exclude \"**/node_modules/**\" --exclude \"**/typings/**\"", - "ci.tslint": "npm i && ts-patch install && tslint '**/*.ts' --config '../tslint.json' --exclude '**/node_modules/**' --exclude '**/platforms/**' --exclude '**/typings/**'", - "demo.ios": "npm i && ts-patch install && cd ../demo && ns run ios", - "demo.android": "npm i && ts-patch install && cd ../demo && ns run android", - "demo.reset": "cd ../demo && npx rimraf -- hooks node_modules platforms package-lock.json", - "demo-angular.ios": "npm i && ts-patch install && cd ../demo-angular && ns run ios", - "demo-angular.android": "npm i && ts-patch install && cd ../demo-angular && ns run android", - "demo-angular.reset": "cd ../demo-angular && npx rimraf -- hooks node_modules platforms package-lock.json", - "plugin.prepare": "npm run build && cd ../demo && ns plugin remove @klippa/nativescript-http && ns plugin add ../src && cd ../demo-angular && ns plugin remove @klippa/nativescript-http && ns plugin add ../src", - "clean": "npm run demo.reset && npm run demo-angular.reset && npx rimraf -- node_modules package-lock.json && npm i", - "ngcc": "node --max-old-space-size=8192 ./node_modules/.bin/ngcc -p es2015", - "ngc": "node --max-old-space-size=8192 ./node_modules/.bin/ngc" - }, - "keywords": [ - "NativeScript", - "JavaScript", - "Android", - "iOS" - ], - "author": { - "name": "Jeroen Bobbeldijk", - "email": "jeroen@klippa.com" - }, - "bugs": { - "url": "https://github.com/klippa-app/nativescript-http/issues" - }, - "license": "MIT", - "homepage": "https://github.com/klippa-app/nativescript-http", - "devDependencies": { - "@angular/common": "~14.0.0", - "@angular/compiler": "~14.0.0", - "@angular/compiler-cli": "~14.0.0", - "@angular/core": "~14.0.0", - "@nativescript/angular": "~14.0.0", - "@nativescript/core": "~8.2.0", - "@nativescript/types": "~8.2.0", - "@nativescript/webpack": "~5.0.6", - "@angular/router": "~14.0.0", - "@angular/animations": "~14.0.0", - "@angular/forms": "~14.0.0", - "@angular/platform-browser": "~14.0.0", - "prompt": "^1.0.0", - "rimraf": "^2.6.3", - "rxjs": "~7.5.0", - "semver": "^5.6.0", - "ts-patch": "^1.3.0", - "tslint": "6.1.3", - "typescript": "~4.7.0", - "zone.js": "~0.11.5" - }, - "dependencies": { - "ts-node": "9.1.1" - }, - "bootstrapper": "nativescript-plugin-seed" + "name": "@klippa/nativescript-http", + "version": "3.0.5", + "description": "The best way to do HTTP requests in NativeScript, a drop-in replacement for the core HTTP with important improvements and additions like proper connection pooling, form data support and certificate pinning", + "main": "http", + "typings": "index.d.ts", + "nativescript": { + "platforms": { + "android": "6.5.0", + "ios": "6.5.0" + } + }, + "repository": { + "type": "git", + "url": "https://github.com/klippa-app/nativescript-http.git" + }, + "scripts": { + "tsc": "npm i && ts-patch install && tsc", + "build": "npm i && ts-patch install && npm run ngcc && npm run ngc", + "build.old": "npm i && ts-patch install && npm run ngcc && npm run ngc", + "tslint": "cd .. && tslint \"**/*.ts\" --config tslint.json --exclude \"**/node_modules/**\" --exclude \"**/typings/**\"", + "ci.tslint": "npm i && ts-patch install && tslint '**/*.ts' --config '../tslint.json' --exclude '**/node_modules/**' --exclude '**/platforms/**' --exclude '**/typings/**'", + "demo.ios": "npm i && ts-patch install && cd ../demo && ns run ios", + "demo.android": "npm i && ts-patch install && cd ../demo && ns run android", + "demo.reset": "cd ../demo && npx rimraf -- hooks node_modules platforms package-lock.json", + "demo-angular.ios": "npm i && ts-patch install && cd ../demo-angular && ns run ios", + "demo-angular.android": "npm i && ts-patch install && cd ../demo-angular && ns run android", + "demo-angular.reset": "cd ../demo-angular && npx rimraf -- hooks node_modules platforms package-lock.json", + "plugin.prepare": "npm run build && cd ../demo && ns plugin remove @klippa/nativescript-http && ns plugin add ../src && cd ../demo-angular && ns plugin remove @klippa/nativescript-http && ns plugin add ../src", + "clean": "npm run demo.reset && npm run demo-angular.reset && npx rimraf -- node_modules package-lock.json && npm i", + "ngcc": "node --max-old-space-size=8192 ./node_modules/.bin/ngcc -p es2015", + "ngc": "node --max-old-space-size=8192 ./node_modules/.bin/ngc" + }, + "keywords": [ + "NativeScript", + "JavaScript", + "Android", + "iOS" + ], + "author": { + "name": "Jeroen Bobbeldijk", + "email": "jeroen@klippa.com" + }, + "bugs": { + "url": "https://github.com/klippa-app/nativescript-http/issues" + }, + "license": "MIT", + "homepage": "https://github.com/klippa-app/nativescript-http", + "devDependencies": { + "@angular/common": "~14.0.0", + "@angular/compiler": "~14.0.0", + "@angular/compiler-cli": "~14.0.0", + "@angular/core": "~14.0.0", + "@nativescript/angular": "~14.0.0", + "@nativescript/core": "~8.2.0", + "@nativescript/types": "~8.2.0", + "@nativescript/webpack": "~5.0.6", + "@angular/router": "~14.0.0", + "@angular/animations": "~14.0.0", + "@angular/forms": "~14.0.0", + "@angular/platform-browser": "~14.0.0", + "prompt": "^1.0.0", + "rimraf": "^2.6.3", + "rxjs": "~7.5.0", + "semver": "^5.6.0", + "ts-patch": "^1.3.0", + "tslint": "6.1.3", + "typescript": "~4.7.0", + "zone.js": "~0.11.5" + }, + "dependencies": { + "ts-node": "9.1.1" + }, + "bootstrapper": "nativescript-plugin-seed" } diff --git a/src/platforms/android/java/com/klippa/NativeScriptHTTP/Async.java b/src/platforms/android/java/com/klippa/NativeScriptHTTP/Async.java index ddb2ca2..cad9b09 100644 --- a/src/platforms/android/java/com/klippa/NativeScriptHTTP/Async.java +++ b/src/platforms/android/java/com/klippa/NativeScriptHTTP/Async.java @@ -231,6 +231,7 @@ public static void ClearCookies() { } public static void AllowSslErrors(boolean allow) { + client = null; allowSslErrors = allow; InitClient(); } From 7b8af780eed72b8fdea5d943cc7aeacacd354a19 Mon Sep 17 00:00:00 2001 From: Joonas Kannisto Date: Mon, 28 Oct 2024 14:58:48 +0200 Subject: [PATCH 3/5] Renamed --- README.md | 12 +++---- src/http.android.ts | 4 +-- src/index.d.ts | 7 ++-- .../com/klippa/NativeScriptHTTP/Async.java | 34 ++++++++----------- src/typings/android.d.ts | 2 +- 5 files changed, 26 insertions(+), 33 deletions(-) diff --git a/README.md b/README.md index e46c330..241cb94 100644 --- a/README.md +++ b/README.md @@ -483,18 +483,18 @@ certificatePinningAdd("mydomain.com", ["DCU5TkA8n3L8+QM7dyTjfRlxWibigF+1cxMzRhlJ certificatePinningClear(); ``` -### Allow SSL errors and self-signed certificates +### Disable SSL validation -You can allow SSL errors and self-signed certificates if you want. This only works on android devices. +You can disable SSL validations ```typescript -import { allowSslErrors } from "@klippa/nativescript-http"; +import { disableSSLValidation } from "@klippa/nativescript-http"; /** - * Allow SSL errors and self-signed certificates - * @param allow true/false + * Disable SSL validations + * @param disable true/false */ -allowSslErrors(true); +disableSSLValidation(true); ``` ## Roadmap diff --git a/src/http.android.ts b/src/http.android.ts index 3d20a6f..9aa692d 100644 --- a/src/http.android.ts +++ b/src/http.android.ts @@ -496,8 +496,8 @@ export function clearCookies() { com.klippa.NativeScriptHTTP.Async.Http.ClearCookies(); } -export function allowSslErrors(allow: boolean) { - com.klippa.NativeScriptHTTP.Async.Http.AllowSslErrors(allow); +export function disableSSLValidation(disable: boolean) { + com.klippa.NativeScriptHTTP.Async.Http.DisableSSLValidation(disable); } export function setUserAgent(userAgent?: string) { diff --git a/src/index.d.ts b/src/index.d.ts index 66654ee..f4322ca 100644 --- a/src/index.d.ts +++ b/src/index.d.ts @@ -113,11 +113,10 @@ export declare function setConcurrencyLimits(maxRequests: number, maxRequestsPer export declare function clearCookies(): void; /** - * Allow SSL errors and self-signed certificates - * ** Only Android ** - * @param allow true/false + * Disable SSL validation + * @param disable true/false */ -export declare function allowSslErrors(allow: boolean): void; +export declare function disableSSLValidation(disable: boolean): void; /** * Set a global user agent. diff --git a/src/platforms/android/java/com/klippa/NativeScriptHTTP/Async.java b/src/platforms/android/java/com/klippa/NativeScriptHTTP/Async.java index cad9b09..890c195 100644 --- a/src/platforms/android/java/com/klippa/NativeScriptHTTP/Async.java +++ b/src/platforms/android/java/com/klippa/NativeScriptHTTP/Async.java @@ -89,7 +89,7 @@ public static class Http { private static MemoryCookieJar cookieJar; private static CertificatePinner.Builder certificatePinnerBuilder; private static ImageParseMethod imageParseMethod = ImageParseMethod.CONTENTTYPE; - private static boolean allowSslErrors = false; + private static boolean disableSslValidation = false; public static void InitClient() { if (cookieJar == null) { @@ -97,8 +97,14 @@ public static void InitClient() { } if (client == null) { - if (allowSslErrors) { - // Allow all ssl errors + OkHttpClient.Builder builder = new OkHttpClient.Builder() + .writeTimeout(60, TimeUnit.SECONDS) + .readTimeout(60, TimeUnit.SECONDS) + .connectTimeout(60, TimeUnit.SECONDS) + .cookieJar(cookieJar); + + if (disableSslValidation) { + // Disable ssl validations try { javax.net.ssl.TrustManager TRUST_ALL_CERTS = new javax.net.ssl.X509TrustManager() { @Override @@ -117,33 +123,21 @@ public java.security.cert.X509Certificate[] getAcceptedIssuers() { javax.net.ssl.SSLContext sslContext = javax.net.ssl.SSLContext.getInstance("SSL"); sslContext.init(null, new javax.net.ssl.TrustManager[] { TRUST_ALL_CERTS }, new java.security.SecureRandom()); - client = new OkHttpClient.Builder() - .writeTimeout(60, TimeUnit.SECONDS) - .readTimeout(60, TimeUnit.SECONDS) - .connectTimeout(60, TimeUnit.SECONDS) - .sslSocketFactory(sslContext.getSocketFactory(), (javax.net.ssl.X509TrustManager) TRUST_ALL_CERTS) + builder.sslSocketFactory(sslContext.getSocketFactory(), (javax.net.ssl.X509TrustManager) TRUST_ALL_CERTS) .hostnameVerifier(new javax.net.ssl.HostnameVerifier() { @Override public boolean verify(String hostname, javax.net.ssl.SSLSession session) { return true; } - }) - .cookieJar(cookieJar) - .build(); + }); } catch (java.security.KeyManagementException e) { e.printStackTrace(); } catch (java.security.NoSuchAlgorithmException e) { e.printStackTrace(); } - return; } - client = new OkHttpClient.Builder() - .writeTimeout(60, TimeUnit.SECONDS) - .readTimeout(60, TimeUnit.SECONDS) - .connectTimeout(60, TimeUnit.SECONDS) - .cookieJar(cookieJar) - .build(); + client = builder.build(); } } @@ -230,9 +224,9 @@ public static void ClearCookies() { } } - public static void AllowSslErrors(boolean allow) { + public static void DisableSSLValidation(boolean disable) { client = null; - allowSslErrors = allow; + disableSslValidation = disable; InitClient(); } diff --git a/src/typings/android.d.ts b/src/typings/android.d.ts index b19b97c..8e51616 100644 --- a/src/typings/android.d.ts +++ b/src/typings/android.d.ts @@ -25,7 +25,7 @@ declare module com { public static class: java.lang.Class; public static SetConcurrencyLimits(param0: number, param1: number): void; public static ClearCookies(): void; - public static AllowSslErrors(param0: boolean): void; + public static DisableSSLValidation(param0: boolean): void; public static MakeRequest(param0: com.klippa.NativeScriptHTTP.Async.Http.RequestOptions, param1: com.klippa.NativeScriptHTTP.Async.CompleteCallback, param2: any): void; public constructor(); public static InitClient(): void; From 6228b3b438bd1c810510cb13c6449dd1e5a54cca Mon Sep 17 00:00:00 2001 From: Joonas Kannisto Date: Mon, 28 Oct 2024 16:07:13 +0200 Subject: [PATCH 4/5] iOS added missing method --- src/http.ios.ts | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/http.ios.ts b/src/http.ios.ts index 48d6acd..9722068 100644 --- a/src/http.ios.ts +++ b/src/http.ios.ts @@ -461,6 +461,10 @@ export function setImageParseMethod(imageParseMethod: ImageParseMethod) { // Doesn't do anything for iOS. } +export function disableSSLValidation(disable: boolean) { + // Doesn't do anything for iOS. +} + export function setConcurrencyLimits(maxRequests: number, maxRequestsPerHost: number) { sessionConfig.HTTPMaximumConnectionsPerHost = maxRequestsPerHost; } From 1fe219c9570cb8fbd9fb865eb0f2c5c282764f52 Mon Sep 17 00:00:00 2001 From: Joonas Kannisto Date: Tue, 17 Dec 2024 14:10:20 +0200 Subject: [PATCH 5/5] Added disable SSL validation for iOS --- src/http.ios.ts | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/src/http.ios.ts b/src/http.ios.ts index 9722068..de6cdd3 100644 --- a/src/http.ios.ts +++ b/src/http.ios.ts @@ -28,6 +28,9 @@ let certificatePinningInstance: TrustKit = null; let certificatePinningConfig: NSDictionary = null; let certificatePinningDomainList: NSDictionary = null; +// Is SSL validation disabled +let isSSLValidationDisabled: boolean = false; + function parseJSON(source: string): any { const src = source.trim(); if (src.lastIndexOf(")") === src.length - 1) { @@ -42,6 +45,15 @@ class NSURLSessionTaskDelegateImpl extends NSObject implements NSURLSessionTaskD public static ObjCProtocols = [NSURLSessionTaskDelegate]; public URLSessionTaskDidReceiveChallengeCompletionHandler(session: NSURLSession, task: NSURLSessionTask, challenge: NSURLAuthenticationChallenge, completionHandler: (p1: NSURLSessionAuthChallengeDisposition, p2: NSURLCredential) => void) { + if (isSSLValidationDisabled) { + const trust = challenge.protectionSpace.serverTrust; + if (trust != null) { + const credential = NSURLCredential.credentialForTrust(trust); + completionHandler(NSURLSessionAuthChallengeDisposition.UseCredential, credential); + return; + } + } + // Default behaviour when we don't want certificate pinning. if (certificatePinningInstance == null) { completionHandler(NSURLSessionAuthChallengeDisposition.PerformDefaultHandling, null); @@ -67,6 +79,15 @@ class NoRedirectNSURLSessionTaskDelegateImpl extends NSObject implements NSURLSe public static ObjCProtocols = [NSURLSessionTaskDelegate]; public URLSessionTaskDidReceiveChallengeCompletionHandler(session: NSURLSession, task: NSURLSessionTask, challenge: NSURLAuthenticationChallenge, completionHandler: (p1: NSURLSessionAuthChallengeDisposition, p2: NSURLCredential) => void) { + if (isSSLValidationDisabled) { + const trust = challenge.protectionSpace.serverTrust; + if (trust != null) { + const credential = NSURLCredential.credentialForTrust(trust); + completionHandler(NSURLSessionAuthChallengeDisposition.UseCredential, credential); + return; + } + } + // Default behaviour when we don't want certificate pinning. if (certificatePinningInstance == null) { completionHandler(NSURLSessionAuthChallengeDisposition.PerformDefaultHandling, null); @@ -462,7 +483,9 @@ export function setImageParseMethod(imageParseMethod: ImageParseMethod) { } export function disableSSLValidation(disable: boolean) { - // Doesn't do anything for iOS. + defaultSession = null; + sessionNotFollowingRedirects = null; + isSSLValidationDisabled = disable; } export function setConcurrencyLimits(maxRequests: number, maxRequestsPerHost: number) {