Return-Path: X-Original-To: apmail-incubator-callback-commits-archive@minotaur.apache.org Delivered-To: apmail-incubator-callback-commits-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 2419DDC85 for ; Tue, 18 Sep 2012 02:12:10 +0000 (UTC) Received: (qmail 56039 invoked by uid 500); 18 Sep 2012 02:12:09 -0000 Delivered-To: apmail-incubator-callback-commits-archive@incubator.apache.org Received: (qmail 55952 invoked by uid 500); 18 Sep 2012 02:12:09 -0000 Mailing-List: contact callback-commits-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: callback-dev@incubator.apache.org Delivered-To: mailing list callback-commits@incubator.apache.org Received: (qmail 55800 invoked by uid 99); 18 Sep 2012 02:12:09 -0000 Received: from tyr.zones.apache.org (HELO tyr.zones.apache.org) (140.211.11.114) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 18 Sep 2012 02:12:09 +0000 Received: by tyr.zones.apache.org (Postfix, from userid 65534) id 56E2E3748D; Tue, 18 Sep 2012 02:12:09 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: macdonst@apache.org To: callback-commits@incubator.apache.org X-Mailer: ASF-Git Admin Mailer Subject: [1/25] android commit: CB-1411: Add trustAllHosts option to FileTransfer.download on Android Message-Id: <20120918021209.56E2E3748D@tyr.zones.apache.org> Date: Tue, 18 Sep 2012 02:12:09 +0000 (UTC) Updated Branches: refs/heads/master d859bb8e6 -> d181d89dd CB-1411: Add trustAllHosts option to FileTransfer.download on Android Project: http://git-wip-us.apache.org/repos/asf/incubator-cordova-android/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-cordova-android/commit/d181d89d Tree: http://git-wip-us.apache.org/repos/asf/incubator-cordova-android/tree/d181d89d Diff: http://git-wip-us.apache.org/repos/asf/incubator-cordova-android/diff/d181d89d Branch: refs/heads/master Commit: d181d89dd2ec4007c749d6c10d04d46716a44be1 Parents: ac14b0d Author: Simon MacDonald Authored: Mon Sep 17 22:08:48 2012 -0400 Committer: Simon MacDonald Committed: Mon Sep 17 22:09:52 2012 -0400 ---------------------------------------------------------------------- framework/src/org/apache/cordova/FileTransfer.java | 35 +++++++++++++- 1 files changed, 32 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-cordova-android/blob/d181d89d/framework/src/org/apache/cordova/FileTransfer.java ---------------------------------------------------------------------- diff --git a/framework/src/org/apache/cordova/FileTransfer.java b/framework/src/org/apache/cordova/FileTransfer.java index e1b6919..881caa5 100644 --- a/framework/src/org/apache/cordova/FileTransfer.java +++ b/framework/src/org/apache/cordova/FileTransfer.java @@ -85,7 +85,7 @@ public class FileTransfer extends Plugin { if (action.equals("upload")) { return upload(URLDecoder.decode(source), target, args); } else if (action.equals("download")) { - return download(source, target); + return download(source, target, args.optBoolean(2)); } else { return new PluginResult(PluginResult.Status.INVALID_ACTION); } @@ -459,7 +459,7 @@ public class FileTransfer extends Plugin { * @param target Full path of the file on the file system * @return JSONObject the downloaded file */ - private PluginResult download(String source, String target) { + private PluginResult download(String source, String target, boolean trustEveryone) { Log.d(LOG_TAG, "download " + source + " to " + target); HttpURLConnection connection = null; @@ -473,7 +473,30 @@ public class FileTransfer extends Plugin { if (webView.isUrlWhiteListed(source)) { URL url = new URL(source); - connection = (HttpURLConnection) url.openConnection(); + boolean useHttps = url.getProtocol().toLowerCase().equals("https"); + // Open a HTTP connection to the URL based on protocol + if (useHttps) { + // Using standard HTTPS connection. Will not allow self signed certificate + if (!trustEveryone) { + connection = (HttpsURLConnection) url.openConnection(); + } + // Use our HTTPS connection that blindly trusts everyone. + // This should only be used in debug environments + else { + // Setup the HTTPS connection class to trust everyone + trustAllHosts(); + HttpsURLConnection https = (HttpsURLConnection) url.openConnection(); + // Save the current hostnameVerifier + defaultHostnameVerifier = https.getHostnameVerifier(); + // Setup the connection not to verify hostnames + https.setHostnameVerifier(DO_NOT_VERIFY); + connection = https; + } + } + // Return a standard HTTP connection + else { + connection = (HttpURLConnection) url.openConnection(); + } connection.setRequestMethod("GET"); //Add cookie support @@ -516,6 +539,12 @@ public class FileTransfer extends Plugin { FileUtils fileUtil = new FileUtils(); JSONObject fileEntry = fileUtil.getEntry(file); + // Revert back to the proper verifier and socket factories + if (trustEveryone && url.getProtocol().toLowerCase().equals("https")) { + ((HttpsURLConnection) connection).setHostnameVerifier(defaultHostnameVerifier); + HttpsURLConnection.setDefaultSSLSocketFactory(defaultSSLSocketFactory); + } + return new PluginResult(PluginResult.Status.OK, fileEntry); } else