Skip to content

Allow ssl errors #107

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 14 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -483,6 +483,20 @@ certificatePinningAdd("mydomain.com", ["DCU5TkA8n3L8+QM7dyTjfRlxWibigF+1cxMzRhlJ
certificatePinningClear();
```

### Disable SSL validation

You can disable SSL validations

```typescript
import { disableSSLValidation } from "@klippa/nativescript-http";

/**
* Disable SSL validations
* @param disable true/false
*/
disableSSLValidation(true);
```

## Roadmap
* Cache control
* Allowing self signed certificates (WIP in feature/self-signed)
4 changes: 4 additions & 0 deletions src/http.android.ts
Original file line number Diff line number Diff line change
@@ -496,6 +496,10 @@ export function clearCookies() {
com.klippa.NativeScriptHTTP.Async.Http.ClearCookies();
}

export function disableSSLValidation(disable: boolean) {
com.klippa.NativeScriptHTTP.Async.Http.DisableSSLValidation(disable);
}

export function setUserAgent(userAgent?: string) {
customUserAgent = userAgent;
}
27 changes: 27 additions & 0 deletions src/http.ios.ts
Original file line number Diff line number Diff line change
@@ -28,6 +28,9 @@ let certificatePinningInstance: TrustKit = null;
let certificatePinningConfig: NSDictionary<string, any> = null;
let certificatePinningDomainList: NSDictionary<string, any> = null;

// Is SSL validation disabled
let isSSLValidationDisabled: boolean = false;

function parseJSON(source: string): any {
const src = source.trim();
if (src.lastIndexOf(")") === src.length - 1) {
@@ -42,6 +45,15 @@ class NSURLSessionTaskDelegateImpl extends NSObject implements NSURLSessionTaskD
public static ObjCProtocols = [NSURLSessionTaskDelegate];

public URLSessionTaskDidReceiveChallengeCompletionHandler(session: NSURLSession, task: NSURLSessionTask, challenge: NSURLAuthenticationChallenge, completionHandler: (p1: NSURLSessionAuthChallengeDisposition, p2: NSURLCredential) => void) {
if (isSSLValidationDisabled) {
const trust = challenge.protectionSpace.serverTrust;
if (trust != null) {
const credential = NSURLCredential.credentialForTrust(trust);
completionHandler(NSURLSessionAuthChallengeDisposition.UseCredential, credential);
return;
}
}

// Default behaviour when we don't want certificate pinning.
if (certificatePinningInstance == null) {
completionHandler(NSURLSessionAuthChallengeDisposition.PerformDefaultHandling, null);
@@ -67,6 +79,15 @@ class NoRedirectNSURLSessionTaskDelegateImpl extends NSObject implements NSURLSe
public static ObjCProtocols = [NSURLSessionTaskDelegate];

public URLSessionTaskDidReceiveChallengeCompletionHandler(session: NSURLSession, task: NSURLSessionTask, challenge: NSURLAuthenticationChallenge, completionHandler: (p1: NSURLSessionAuthChallengeDisposition, p2: NSURLCredential) => void) {
if (isSSLValidationDisabled) {
const trust = challenge.protectionSpace.serverTrust;
if (trust != null) {
const credential = NSURLCredential.credentialForTrust(trust);
completionHandler(NSURLSessionAuthChallengeDisposition.UseCredential, credential);
return;
}
}

// Default behaviour when we don't want certificate pinning.
if (certificatePinningInstance == null) {
completionHandler(NSURLSessionAuthChallengeDisposition.PerformDefaultHandling, null);
@@ -461,6 +482,12 @@ export function setImageParseMethod(imageParseMethod: ImageParseMethod) {
// Doesn't do anything for iOS.
}

export function disableSSLValidation(disable: boolean) {
defaultSession = null;
sessionNotFollowingRedirects = null;
isSSLValidationDisabled = disable;
}

export function setConcurrencyLimits(maxRequests: number, maxRequestsPerHost: number) {
sessionConfig.HTTPMaximumConnectionsPerHost = maxRequestsPerHost;
}
6 changes: 6 additions & 0 deletions src/index.d.ts
Original file line number Diff line number Diff line change
@@ -112,6 +112,12 @@ export declare function setConcurrencyLimits(maxRequests: number, maxRequestsPer
*/
export declare function clearCookies(): void;

/**
* Disable SSL validation
* @param disable true/false
*/
export declare function disableSSLValidation(disable: boolean): void;

/**
* Set a global user agent.
* @param userAgent The new user agent. Set to null to use the default again.
2 changes: 1 addition & 1 deletion src/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@klippa/nativescript-http",
"version": "3.0.4",
"version": "3.0.5",
"description": "The best way to do HTTP requests in NativeScript, a drop-in replacement for the core HTTP with important improvements and additions like proper connection pooling, form data support and certificate pinning",
"main": "http",
"typings": "index.d.ts",
54 changes: 48 additions & 6 deletions src/platforms/android/java/com/klippa/NativeScriptHTTP/Async.java
Original file line number Diff line number Diff line change
@@ -89,19 +89,55 @@ public static class Http {
private static MemoryCookieJar cookieJar;
private static CertificatePinner.Builder certificatePinnerBuilder;
private static ImageParseMethod imageParseMethod = ImageParseMethod.CONTENTTYPE;
private static boolean disableSslValidation = false;

public static void InitClient() {
if (cookieJar == null) {
cookieJar = new MemoryCookieJar();
}

if (client == null) {
client = new OkHttpClient.Builder()
.writeTimeout(60, TimeUnit.SECONDS)
.readTimeout(60, TimeUnit.SECONDS)
.connectTimeout(60, TimeUnit.SECONDS)
.cookieJar(cookieJar)
.build();
OkHttpClient.Builder builder = new OkHttpClient.Builder()
.writeTimeout(60, TimeUnit.SECONDS)
.readTimeout(60, TimeUnit.SECONDS)
.connectTimeout(60, TimeUnit.SECONDS)
.cookieJar(cookieJar);

if (disableSslValidation) {
// Disable ssl validations
try {
javax.net.ssl.TrustManager TRUST_ALL_CERTS = new javax.net.ssl.X509TrustManager() {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) {
}

@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) {
}

@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[] {};
}
};

javax.net.ssl.SSLContext sslContext = javax.net.ssl.SSLContext.getInstance("SSL");
sslContext.init(null, new javax.net.ssl.TrustManager[] { TRUST_ALL_CERTS }, new java.security.SecureRandom());
builder.sslSocketFactory(sslContext.getSocketFactory(), (javax.net.ssl.X509TrustManager) TRUST_ALL_CERTS)
.hostnameVerifier(new javax.net.ssl.HostnameVerifier() {
@Override
public boolean verify(String hostname, javax.net.ssl.SSLSession session) {
return true;
}
});
} catch (java.security.KeyManagementException e) {
e.printStackTrace();
} catch (java.security.NoSuchAlgorithmException e) {
e.printStackTrace();
}
}

client = builder.build();
}
}

@@ -188,6 +224,12 @@ public static void ClearCookies() {
}
}

public static void DisableSSLValidation(boolean disable) {
client = null;
disableSslValidation = disable;
InitClient();
}

public static void SetImageParseMethod(ImageParseMethod newImageParseMethod) {
imageParseMethod = newImageParseMethod;
}
1 change: 1 addition & 0 deletions src/typings/android.d.ts
Original file line number Diff line number Diff line change
@@ -25,6 +25,7 @@ declare module com {
public static class: java.lang.Class<com.klippa.NativeScriptHTTP.Async.Http>;
public static SetConcurrencyLimits(param0: number, param1: number): void;
public static ClearCookies(): void;
public static DisableSSLValidation(param0: boolean): void;
public static MakeRequest(param0: com.klippa.NativeScriptHTTP.Async.Http.RequestOptions, param1: com.klippa.NativeScriptHTTP.Async.CompleteCallback, param2: any): void;
public constructor();
public static InitClient(): void;