android webview ssl校验

作者: xiaotimel | 来源:发表于2020-08-29 15:19 被阅读0次

android webview ssl校验
WebView使用JSSE与Tomact服务进行SSL双向认证通
Android
Android WebView 校验HTTPS证书
Android里遇到Debug能用，Release不能用的API
Android webview-tips
Android WebView使用js与java交互(二)
Android 和 IOS 使用 jsBridge 进行交互方法
Android - 用WebView开发简单的浏览器
Android webview弹出 alert 底部变白

防止webview捉包，添加ssl证书校验。
网上有很多的是在onReceivedSslError校验证书，其实这个时候你的请求已经发出去了，无法到达拦截校验数据。

@Override
    public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
        super.onReceivedSslError(view, handler, error);
    }

通过URLConnection对webview的所有加载请求进行证书校验。

public class SSLWebViewClient extends WebViewClient {

    private HttpsUtils.SSLParams sslParams;

    public SSLWebViewClient(List<InputStream> sslList) {
        sslParams = SslUtils.getSslSocketFactory(sslList);
    }

    @Override
    public boolean shouldOverrideUrlLoading(WebView view, String url) {
        view.loadUrl(url);
        return true;
    }


    @Nullable
    @Override
    public WebResourceResponse shouldInterceptRequest(WebView view, String url) {
        return checkSsl(view, Uri.parse(url));
    }

    @SuppressLint("NewApi")
    @Nullable
    @Override
    public WebResourceResponse shouldInterceptRequest(WebView view, WebResourceRequest request) {
        return checkSsl(view, request.getUrl());
    }


    private WebResourceResponse checkSsl(WebView view, Uri uri) {
        String urlPath = uri.toString();
        URLConnection urlConnection = null;
        try {
            URL url = new URL(urlPath);
            urlConnection = url.openConnection();
            if(urlConnection instanceof HttpsURLConnection) {
                HttpsURLConnection httpsURLConnection = (HttpsURLConnection) urlConnection;
                httpsURLConnection.setInstanceFollowRedirects(false);
                httpsURLConnection.setSSLSocketFactory(sslParams.sSLSocketFactory);
                httpsURLConnection.setHostnameVerifier(new HostnameVerifier() {
                    @Override
                    public boolean verify(String hostname, SSLSession session) {
                        return true;
                    }
                });
                int respCode = httpsURLConnection.getResponseCode();
                if (respCode == 301 || respCode == 302) {
                    httpsURLConnection.disconnect();
                    return super.shouldInterceptRequest(view, urlPath);
                }
                if(respCode != 200){
                    httpsURLConnection.disconnect();
                    return super.shouldInterceptRequest(view, urlPath);
                }
            }
            InputStream is = urlConnection.getInputStream();
            String contentType = urlConnection.getContentType();
            String encoding = urlConnection.getContentEncoding();
            if (contentType != null) {
                String mimeType = contentType;
               
                if (contentType.contains(";")) {
                    mimeType = contentType.split(";")[0].trim();
                }
                return new WebResourceResponse(mimeType, encoding, is);
            }

        } catch (Exception e) {
            e.printStackTrace();
        }
        if(urlConnection != null){
            if(urlConnection instanceof HttpsURLConnection){
                ((HttpsURLConnection)urlConnection).disconnect();
            }else if(urlConnection instanceof HttpURLConnection){
                ((HttpURLConnection)urlConnection).disconnect();
            }
        }
        return new WebResourceResponse(null, null, null);
    }
}