如何在Android WebView中不使用ssl加载https url [英] How can load https url without use of ssl in android webview
问题描述
我已在Playstore上标记了一个问题,并且Google向我发送的邮件由于使用SSL而导致我的应用不安全.
I have Marked one problem on Playstore and google send the mail my app is unsafe because use of SSL.
当前在我的应用程序中,我有一个webview
是加载链接,它包含https网址.
Currently in my application I have one webview
which is load link and it contains https url.
在网络设置中,我是这样的:
on web settings I'm doing like this:
web.setWebViewClient(new SSLTolerentWebViewClient());
要忽略ssl证书,我使用以下代码,但是由于忽略显示我的应用程序不安全的证书playstore
to ignore ssl certificate I use following code but because of ignoring certificate playstore showing my app is unsafe
private class SSLTolerentWebViewClient extends WebViewClient {
public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
handler.proceed(); // Ignore SSL certificate errors
}
}
有人可以建议我该怎么做,这样我的WebView
可以处理https网址,而Playstore不会将我的应用标记为不安全吗?
Can anyone one suggest me how can I do this so my WebView
can handle https url and Playstore not mark my app as unsafe?
推荐答案
要解决Google Play警告:WebViewClient.onReceivedSslError处理程序
To Solve Google Play Warning: WebViewClient.onReceivedSslError handler
不总是强制执行handler.proceed();但是您还必须包括handler.cancel();.这样用户就可以避免加载不愉快的内容.
Not Always force to handler.proceed(); but you have to also include handler.cancel(); so user can avoid unsaif content from loading.
处理WebViewClient.onReceivedSslError处理程序的不安全实现
To Handle unsafe implementation of the WebViewClient.onReceivedSslError handler
使用以下代码
webView.setWebViewClient(new SSLTolerentWebViewClient());
webView.loadUrl(myhttps url);
和
private class SSLTolerentWebViewClient extends WebViewClient {
public void onReceivedSslError(WebView view, final SslErrorHandler handler, SslError error) {
AlertDialog.Builder builder = new AlertDialog.Builder(Tab1Activity.this);
AlertDialog alertDialog = builder.create();
String message = "SSL Certificate error.";
switch (error.getPrimaryError()) {
case SslError.SSL_UNTRUSTED:
message = "The certificate authority is not trusted.";
break;
case SslError.SSL_EXPIRED:
message = "The certificate has expired.";
break;
case SslError.SSL_IDMISMATCH:
message = "The certificate Hostname mismatch.";
break;
case SslError.SSL_NOTYETVALID:
message = "The certificate is not yet valid.";
break;
}
message += " Do you want to continue anyway?";
alertDialog.setTitle("SSL Certificate Error");
alertDialog.setMessage(message);
alertDialog.setButton(DialogInterface.BUTTON_POSITIVE, "OK", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
// Ignore SSL certificate errors
handler.proceed();
}
});
alertDialog.setButton(DialogInterface.BUTTON_NEGATIVE, "Cancel", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
handler.cancel();
}
});
alertDialog.show();
}
}
这篇关于如何在Android WebView中不使用ssl加载https url的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!