{"id":1630,"date":"2023-03-25T21:25:44","date_gmt":"2023-03-25T13:25:44","guid":{"rendered":"https:\/\/www.appblog.cn\/?p=1630"},"modified":"2023-04-23T22:01:49","modified_gmt":"2023-04-23T14:01:49","slug":"implement-https-certificate-verification-in-android-webview","status":"publish","type":"post","link":"https:\/\/www.appblog.cn\/index.php\/2023\/03\/25\/implement-https-certificate-verification-in-android-webview\/","title":{"rendered":"Implementing HTTPS Certificate Verification in Android WebView"},"content":{"rendered":"<h2>WebViewClient onReceivedSslError<\/h2>\n<p>When an Android app loads HTML in a WebView and that HTML makes AJAX requests to an HTTPS service, how can the certificate be verified securely? This article explains how to verify a self-signed HTTPS certificate in WebView.<\/p>\n<p>When we use the Android WebView we set a <code>WebViewClient<\/code>, and when an HTTPS request fails with an SSL error, the <code>onReceivedSslError<\/code> method of <code>WebViewClient<\/code> is called, as shown below:<\/p>\n<pre><code class=\"language-java\">WebView webView = new WebView(getContext());\nwebView.setWebViewClient(new WebViewClient(){\n    @Override\n    public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {\n        super.onReceivedSslError(view, handler, error);\n\n    }\n});<\/code><\/pre>\n<p><code>super.onReceivedSslError(view, handler, 
error);<\/code> invokes the parent class implementation by default, and the parent implementation is <code>handler.cancel();<\/code>, which cancels the connection. So what we need to do is perform the certificate verification inside the <code>onReceivedSslError<\/code> method.<\/p>\n<h2>Analysis of the onReceivedSslError Parameters<\/h2>\n<ul>\n<li><code>WebView view<\/code> parameter<\/li>\n<\/ul>\n<p>The current WebView object.<\/p>\n<ul>\n<li><code>SslErrorHandler handler<\/code> parameter<\/li>\n<\/ul>\n<p>Looking at the source, the class has just one constructor and two methods. The <code>proceed()<\/code> method allows all network access, and the <code>cancel()<\/code> method cancels all network access.<\/p>\n<pre><code class=\"language-java\">public class SslErrorHandler extends Handler {\n\n    \/**\n     * @hide Only for use by WebViewProvider implementations.\n     *\/\n    @SystemApi\n    public SslErrorHandler() {}\n\n    \/**\n     * Proceed with the SSL certificate.\n     *\/\n    public void proceed() {}\n\n    \/**\n     * Cancel this request and all pending requests for the WebView that had\n     * the error.\n     *\/\n    public void cancel() {}\n}<\/code><\/pre>\n<ul>\n<li><code>SslError error<\/code> parameter<\/li>\n<\/ul>\n<p>The SslError source shows the fields and methods of this class. The main fields are:<\/p>\n<p><code>SSL_NOTYETVALID<\/code>: the certificate is not yet valid<br \/>\n<code>SSL_EXPIRED<\/code>: the certificate has expired<br \/>\n<code>SSL_IDMISMATCH<\/code>: the domain name does not match<br \/>\n<code>SSL_UNTRUSTED<\/code>: the certificate is not trusted<br 
\/>\n<code>SSL_DATE_INVALID<\/code>: the certificate date is invalid<br \/>\n<code>SSL_INVALID<\/code>: a generic error<\/p>\n<p>Apart from several constructors, the main methods are:<\/p>\n<p><code>getUrl()<\/code>: returns the URL of the current request<br \/>\n<code>getPrimaryError()<\/code>: returns the error type<br \/>\n<code>getCertificate()<\/code>: returns the current certificate<\/p>\n<h2>Verifying the Certificate SHA-256 Value<\/h2>\n<p>The decision logic is:<\/p>\n<p>1. Get the SHA-256 value of the certificate presented to the current WebView<br \/>\n2. Get the SHA-256 value of the client certificate<br \/>\n3. Compare the two SHA-256 values. If they are equal, call <code>handler.proceed()<\/code>; if they are not equal, show a dialog and exit the application.<\/p>\n<pre><code class=\"language-java\">WebView webView = new WebView(getContext());\nwebView.setWebViewClient(new WebViewClient() {\n    @Override\n    public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {\n        \/\/ This callback runs only after the platform validation has failed,\n        \/\/ so the fingerprint comparison below is the only check before proceed().\n        String certSha256 = null;\n        \/\/ AssetManager.open() throws IOException, so it must be handled here.\n        try (java.io.InputStream in = view.getContext().getAssets().open(&quot;client.crt&quot;)) {\n            certSha256 = SSLSocketCert.getSSLCertSHA256FromCert(in);\n        } catch (java.io.IOException e) {\n            e.printStackTrace();\n        }\n        String serverSha256 = SSLSocketCert.getSSLCertFromServer(error.getCertificate());\n        \/\/ Both helpers return null on failure; treat null as a mismatch.\n        if (certSha256 != null &amp;&amp; certSha256.equalsIgnoreCase(serverSha256)) {\n            handler.proceed();\n        } else {\n            handler.cancel(); \/\/ fail closed before showing the dialog\n            \/\/ Dialog text: title &quot;Warning&quot;, message &quot;Certificate verification failed&quot;, button &quot;Exit&quot;\n            DialogUtil.showSingleDialog(view.getContext(), &quot;\u8b66\u544a&quot;, &quot;\u8bc1\u4e66\u6821\u9a8c\u5931\u8d25&quot;, false, &quot;\u9000\u51fa&quot;, new DialogInterface.OnClickListener() {\n                @Override\n                public void onClick(DialogInterface dialog, int which) {\n                    System.exit(0);\n           
     }\n            });\n        }\n    }\n});<\/code><\/pre>\n<p>SSLSocketCert.java<\/p>\n<pre><code class=\"language-java\">import android.net.http.SslCertificate;\nimport android.os.Bundle;\n\nimport org.json.JSONArray;\nimport org.json.JSONException;\n\nimport java.io.ByteArrayInputStream;\nimport java.io.InputStream;\nimport java.security.KeyStore;\nimport java.security.MessageDigest;\nimport java.security.SecureRandom;\nimport java.security.cert.Certificate;\nimport java.security.cert.CertificateFactory;\nimport javax.net.ssl.HostnameVerifier;\nimport javax.net.ssl.SSLContext;\nimport javax.net.ssl.SSLSession;\nimport javax.net.ssl.SSLSocketFactory;\nimport javax.net.ssl.TrustManagerFactory;\n\npublic class SSLSocketCert {\n\n    \/\/ Get the SSLSocketFactory\n    public static SSLSocketFactory getSSLSocketFactory(InputStream cerIn) {\n        try {\n            SSLSocketFactory factory = setCertificates(cerIn);\n            return factory;\n        } catch (Exception e) {\n            throw new RuntimeException(e);\n        }\n    }\n\n    \/**\n     * Load the certificates\n     *\/\n    private static SSLSocketFactory setCertificates(InputStream... 
certificates) {\n        try {\n            CertificateFactory certificateFactory = CertificateFactory.getInstance(&quot;X.509&quot;);\n            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());\n            keyStore.load(null);\n            int index = 0;\n            for (InputStream certificate : certificates) {\n                String certificateAlias = Integer.toString(index++);\n                keyStore.setCertificateEntry(certificateAlias, certificateFactory.generateCertificate(certificate));\n                if (certificate != null) {\n                    certificate.close();\n                }\n            }\n            SSLContext sslContext = SSLContext.getInstance(&quot;TLS&quot;);\n            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());\n            trustManagerFactory.init(keyStore);\n            sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());\n            return sslContext.getSocketFactory();\n        } catch (Exception e) {\n            e.printStackTrace();\n            return null;\n        }\n    }\n\n    \/\/ Get a HostnameVerifier that accepts only the hosts listed in trustHosts\n    public static HostnameVerifier getHostnameVerifier(final JSONArray trustHosts) {\n        HostnameVerifier hostnameVerifier = new HostnameVerifier() {\n            @Override\n            public boolean verify(String host, SSLSession sslSession) {\n                if (trustHosts == null || trustHosts.length() == 0) {\n                    return false;\n                }\n                try {\n                    for (int i = 0; i &lt; trustHosts.length(); i++) {\n                        String trustHost = trustHosts.getString(i);\n                        if (host.equalsIgnoreCase(trustHost)) {\n                            return true;\n                        }\n                    }\n                } catch (JSONException e) {\n                    e.printStackTrace();\n           
     }\n                return false;\n            }\n        };\n        return hostnameVerifier;\n    }\n\n    \/**\n     * On an SSL certificate error, compute the SHA-256 of the HTTPS certificate for manual verification\n     *\n     * @param cert the HTTPS certificate\n     * @return the certificate SHA-256 as an uppercase hex string, or null on failure\n     *\/\n    public static String getSSLCertFromServer(SslCertificate cert) {\n        Bundle bundle = SslCertificate.saveState(cert);\n        if (bundle != null) {\n            byte[] bytes = bundle.getByteArray(&quot;x509-certificate&quot;);\n            if (bytes != null) {\n                try {\n                    CertificateFactory cf = CertificateFactory.getInstance(&quot;X.509&quot;);\n                    Certificate ca = cf.generateCertificate(new ByteArrayInputStream(bytes));\n                    MessageDigest sha256 = MessageDigest.getInstance(&quot;SHA-256&quot;);\n                    byte[] key = sha256.digest(ca.getEncoded());\n                    return bytesToHex(key);\n                } catch (Exception e) {\n                    e.printStackTrace();\n                }\n            }\n        }\n        return null;\n    }\n\n    public static String getSSLCertSHA256FromCert(InputStream cerIn) {\n        try {\n            CertificateFactory cf = CertificateFactory.getInstance(&quot;X.509&quot;);\n            Certificate ca = cf.generateCertificate(cerIn);\n            MessageDigest sha256 = MessageDigest.getInstance(&quot;SHA-256&quot;);\n            byte[] key = sha256.digest(ca.getEncoded());\n            String sha256Str = bytesToHex(key);\n            return sha256Str;\n        } catch (Exception e) {\n            e.printStackTrace();\n        }\n        return null;\n    }\n\n    \/**\n     * Convert a hex string to a byte array\n     *\n     * @param hex\n     * @return\n     *\/\n    public static byte[] hexToBinary(String hex) {\n        String string = &quot;0123456789ABCDEF&quot;;\n        char[] ch = 
hex.toCharArray();\n        int len = ch.length \/ 2;\n        byte byts[] = new byte[len];\n        for (int i = 0; i &lt; len; i++) {\n            byts[i] = (byte) ((((byte) string.indexOf(Character\n                    .toUpperCase(ch[i * 2])) &amp; 0xFF) &lt;&lt; 4)\n                    | ((byte) string.indexOf(Character.toUpperCase(ch[i * 2 + 1])) &amp; 0xFF));\n        }\n        return byts;\n    }\n\n    \/**\n     * Convert a byte array to a hex string\n     *\n     * @param bytes\n     * @return\n     *\/\n    public static String bytesToHex(byte[] bytes) {\n        final char[] hexArray = {&#039;0&#039;, &#039;1&#039;, &#039;2&#039;, &#039;3&#039;, &#039;4&#039;, &#039;5&#039;, &#039;6&#039;, &#039;7&#039;, &#039;8&#039;,\n                &#039;9&#039;, &#039;A&#039;, &#039;B&#039;, &#039;C&#039;, &#039;D&#039;, &#039;E&#039;, &#039;F&#039;};\n        char[] hexChars = new char[bytes.length * 2];\n        int v;\n        for (int j = 0; j &lt; bytes.length; j++) {\n            v = bytes[j] &amp; 0xFF;\n            hexChars[j * 2] = hexArray[v &gt;&gt;&gt; 4];\n            hexChars[j * 2 + 1] = hexArray[v &amp; 0x0F];\n        }\n        return new String(hexChars);\n    }\n}<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>WebViewClient onReceivedSslError Using WebView in Android to load htm 
[&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[311],"tags":[67,407],"class_list":["post-1630","post","type-post","status-publish","format-standard","hentry","category-android-advance","tag-webview","tag-407"],"_links":{"self":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/1630","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/comments?post=1630"}],"version-history":[{"count":0,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/1630\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/media?parent=1630"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/categories?post=1630"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/tags?post=1630"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}