{ "id": "76857", "key": "TIMOB-4488", "fields": { "issuetype": { "id": "2", "description": "A new feature of the product, which has yet to be developed.", "name": "New Feature", "subtask": false }, "project": { "id": "10153", "key": "TIMOB", "name": "Titanium SDK/CLI", "projectCategory": { "id": "10100", "description": "Titanium and related SDKs used in application development", "name": "Client" } }, "fixVersions": [ { "id": "15939", "description": "2014 Sprint 07", "name": "2014 Sprint 07", "archived": true, "released": true, "releaseDate": "2014-04-11" }, { "id": "15940", "description": "2014 Sprint 07 SDK", "name": "2014 Sprint 07 SDK", "archived": true, "released": true, "releaseDate": "2014-04-11" }, { "id": "15422", "description": "Release 3.3.0", "name": "Release 3.3.0", "archived": false, "released": true, "releaseDate": "2014-07-16" } ], "resolution": { "id": "1", "description": "A fix for this issue is checked into the tree and tested.", "name": "Fixed" }, "resolutiondate": "2014-04-04T04:21:19.000+0000", "created": "2011-06-23T11:02:47.000+0000", "priority": { "name": "Medium", "id": "3" }, "labels": [ "api", "module_webview", "qe-closed-3.3.0", "qe-testadded", "triage" ], "versions": [ { "id": "11367", "description": "", "name": "Release 1.7.1", "archived": true, "released": true, "releaseDate": "2011-06-21" } ], "issuelinks": [ { "id": "35480", "type": { "id": "10003", "name": "Relates", "inward": "relates to", "outward": "relates to" }, "outwardIssue": { "id": "102506", "key": "TIMOB-11227", "fields": { "summary": "Android: Add method to ignore invalid SSL certificate", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "priority": { "name": "High", "id": "2" }, "issuetype": { "id": "7", "description": "gh.issue.story.desc", "name": "Story", "subtask": false } } } }, { "id": "37030", "type": { "id": "10003", "name": "Relates", "inward": "relates to", "outward": "relates to" }, "inwardIssue": { "id": "129619", "key": "TIMOB-16880", "fields": { "summary": "iOS: \"sslerror\" event for webView is not working", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "priority": { "name": "High", "id": "2" }, "issuetype": { "id": "1", "description": "A problem which impairs or prevents the functions of the product.", "name": "Bug", "subtask": false } } } } ], "assignee": { "name": "sunila", "key": "sunila", "displayName": "Sunila", "active": true, "timeZone": "Asia/Kolkata" }, "updated": "2014-04-24T17:38:43.000+0000", "status": { "description": "The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.", "name": "Closed", "id": "6", "statusCategory": { "id": 3, "key": "done", "colorName": "green", "name": "Done" } }, "components": [ { "id": "10202", "name": "Android", "description": "Android Platform" } ], "description": "h1. Feature\r\nExpose the onReceivedSslError method of the web view on Android so that developers can handle what happens when an SSL certificate is rejected.\r\n\r\nh2. Why\r\nThe default behavior is to reject any SSL certificate that doesn't validate. By exposing this, the developer could ask the user if they want to proceed.\r\n\r\nh2. Sample Code\r\nThe following could utilize this feature. I bet there's a better way to expose the SSLError constants.\r\n{code:title=app.js}\r\nvar window = Ti.UI.createWindow({\r\n backgroundColor:'#fff'\r\n});\r\n\r\nvar webView = Ti.UI.createScrollView({\r\n width: 320, height: 480,\r\n contentWidth: 2000\r\n});\r\nwebView.addEventListener('onReceivedSslError', function(evt) {\r\n // What error happened? Check the constants. These are taken from the following URL:\r\n // http://developer.android.com/reference/android/net/http/SslError.html\r\n switch (evt.error) {\r\n case evt.SSL_EXPIRED:\r\n break;\r\n case evt.SSL_IDMISMATCH:\r\n break;\r\n case evt.SSL_MAX_ERROR:\r\n break;\r\n case evt.SSL_NOTYETVALID:\r\n break;\r\n case evt.SSL_UNTRUSTED:\r\n break;\r\n }\r\n // Should we proceed?\r\n evt.handler.proceed();\r\n});\r\nwindow.add(webView);\r\n\r\nwindow.open();\r\n{code}\r\n\r\nh2. Relevant Documentation\r\nhttp://developer.android.com/reference/android/webkit/WebViewClient.html#onReceivedSslError(android.webkit.WebView, android.webkit.SslErrorHandler, android.net.http.SslError)\r\n\r\nh3. Associated Helpdesk Ticket\r\nhttp://appc.me/c/APP-235542", "attachment": [], "flagged": false, "summary": "Android: Expose WebView onReceivedSslError", "creator": { "name": "dtoth", "key": "dtoth", "displayName": "Dawson Toth", "active": true, "timeZone": "America/New_York" }, "subtasks": [], "reporter": { "name": "dtoth", "key": "dtoth", "displayName": "Dawson Toth", "active": true, "timeZone": "America/New_York" }, "environment": null, "comment": { "comments": [ { "id": "161300", "author": { "name": "rseagraves", "key": "rseagraves", "displayName": "Reggie Seagraves", "active": true, "timeZone": "America/Los_Angeles" }, "body": "Stephen and Marshall need to add this to their parity meeting.", "updateAuthor": { "name": "rseagraves", "key": "rseagraves", "displayName": "Reggie Seagraves", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2011-08-01T10:32:24.000+0000", "updated": "2011-08-01T10:32:24.000+0000" }, { "id": "161363", "author": { "name": "mculpepper", "key": "mculpepper", "displayName": "Marshall Culpepper", "active": true, "timeZone": "America/Los_Angeles" }, "body": "We can do this on Android, but iOS doesn't currently allow programmatic interaction with WebView (though it should be possible w/ XHR). ", "updateAuthor": { "name": "mculpepper", "key": "mculpepper", "displayName": "Marshall Culpepper", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2011-08-01T13:19:20.000+0000", "updated": "2011-08-01T13:19:20.000+0000" }, { "id": "171000", "author": { "name": "connysvensson", "key": "connysvensson", "displayName": "connysvensson", "active": true, "timeZone": "Europe/Berlin" }, "body": "There are many requests in the community Q&A for this feature or similarly expose a validatesSecureCertificate property as the HTTPClient object. This is a very common scenario where you have a self signed certificate during development, or the certificate is not from a part on Android's list of trusted CAs.\r\nIs there a planned fix for this?", "updateAuthor": { "name": "connysvensson", "key": "connysvensson", "displayName": "connysvensson", "active": true, "timeZone": "Europe/Berlin" }, "created": "2011-11-01T03:10:08.000+0000", "updated": "2011-11-01T03:10:08.000+0000" }, { "id": "245913", "author": { "name": "soumyakantikar", "key": "soumyakantikar", "displayName": "Soumya Kanti Kar", "active": true, "timeZone": "America/Havana" }, "body": "This is a very common request on as to how to handle SSL error from Titanium. We are able to do it in Android native. The link is also provided in the JIRA. Is there any update from Appcelerator as to when can the developers expect a solution or is there any workaround for this currently.", "updateAuthor": { "name": "soumyakantikar", "key": "soumyakantikar", "displayName": "Soumya Kanti Kar", "active": true, "timeZone": "America/Havana" }, "created": "2013-04-05T08:32:57.000+0000", "updated": "2013-04-05T08:32:57.000+0000" }, { "id": "288277", "author": { "name": "sunila", "key": "sunila", "displayName": "Sunila", "active": true, "timeZone": "Asia/Kolkata" }, "body": "Added new event sslerror\r\nhttps://github.com/appcelerator/titanium_mobile/pull/5224", "updateAuthor": { "name": "sunila", "key": "sunila", "displayName": "Sunila", "active": true, "timeZone": "Asia/Kolkata" }, "created": "2014-01-15T17:29:35.000+0000", "updated": "2014-01-15T17:29:35.000+0000" }, { "id": "288280", "author": { "name": "sunila", "key": "sunila", "displayName": "Sunila", "active": true, "timeZone": "Asia/Kolkata" }, "body": "Test case\r\n\r\n{code}\r\n var window = Ti.UI.createWindow({\r\n\t backgroundColor:'#fff'\r\n\t});\r\n\t \r\n\tvar webView = Ti.UI.createWebView({\r\n\t\tbackgroundColor:'white',\r\n\t\turl:'https://certs.cac.washington.edu/CAtest/'\r\n\t\t});\r\n\t\r\n\twebView.addEventListener('sslerror', function(evt) {\r\n\t Ti.API.info(\"sslerror\");\r\n\t \r\n\t //Comment below line to fail\r\n\t webView.ignoreSslError = true;\r\n\t});\r\n\twindow.add(webView);\r\n\t \r\n\twindow.open();\r\n{code}", "updateAuthor": { "name": "ingo", "key": "ingo", "displayName": "Ingo Muschenetz", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2014-01-15T17:32:02.000+0000", "updated": "2014-02-28T18:48:44.000+0000" }, { "id": "295103", "author": { "name": "ingo", "key": "ingo", "displayName": "Ingo Muschenetz", "active": true, "timeZone": "America/Los_Angeles" }, "body": "We are concerned this might have parity issues with iOS, and how it interacts with the property to ignoreSSLError. We need to investigate further before accepting this PR.", "updateAuthor": { "name": "ingo", "key": "ingo", "displayName": "Ingo Muschenetz", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2014-02-28T18:49:52.000+0000", "updated": "2014-02-28T18:54:09.000+0000" }, { "id": "302374", "author": { "name": "pagarwal", "key": "pagarwal", "displayName": "Priya Agarwal", "active": true, "timeZone": "America/Los_Angeles" }, "body": "Verified the issue with environment:\r\n\r\nAppc-Studio:3.3.0.201404211130\r\nsdk:3.3.0.v20140423155715\r\nacs:1.0.14\r\nalloy:1.4.0-dev\r\nnpm:1.3.2\r\ntitanium:3.3.0-dev\r\ntitanium-code-processor:1.1.1-beta1\r\nxCODE:5.1.1\r\nDevice:Iphone5(7.1),Nexus7(v4.4.2)\r\n\r\nUsed the code given by Sunila\r\nOn Android the \"sslerror\" event for webView is working fine.\r\nBut it is not working fine on iOS.\r\nHave logged separate issue for it TIMOB-16880\r\nHence marking this issue as verified and closed.", "updateAuthor": { "name": "pagarwal", "key": "pagarwal", "displayName": "Priya Agarwal", "active": true, "timeZone": "America/Los_Angeles" }, "created": "2014-04-24T11:36:00.000+0000", "updated": "2014-04-24T11:36:00.000+0000" } ], "maxResults": 9, "total": 9, "startAt": 0 } } }