onReceivedSslError 已修复但仍显示错误
[英]onReceivedSslError fixed but still showing error
问题描述
I got an "onReceivedSslError" error in my Play Console account as in the screenshot.
如屏幕截图所示,我的 Play 控制台帐户中出现“onReceivedSslError”错误。
I have handled the onReceivedSslError in all WebViewClients and show the required warning message.我已经处理了所有 WebViewClient 中的 onReceivedSslError 并显示了所需的警告消息。 Then I sent the version to the market and got approval.然后我将版本发送到市场并获得批准。 The version has been released, but it still says this error is in this version, as seen above, under the version.版本已经发布了,但是还是说这个错误在这个版本,如上图,在版本下。 Why is it showing up even though I applied it to all WebViewClients?为什么即使我将它应用于所有 WebViewClients,它也会出现?
Related document sent: https://support.google.com/faqs/answer/7071387相关文件发送: https://support.google.com/faqs/answer/7071387
@Override
public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
Utilities.showAlertDialog(getActivity(),
"SSL Certificate Error", Utilities.getSslErrorMessage(error.getPrimaryError()),
getString(R.string.common_continue),
getString(R.string.order_detail_product_cancel),
() -> handler.proceed(),
() -> {
handler.cancel();
});
}
public static String getSslErrorMessage(int primaryErrorCode){
String message = "SSL Certificate error.";
switch (primaryErrorCode) {
case SslError.SSL_UNTRUSTED:
message = "The certificate authority is not trusted.";
break;
case SslError.SSL_EXPIRED:
message = "The certificate has expired.";
break;
case SslError.SSL_IDMISMATCH:
message = "The certificate Hostname mismatch.";
break;
case SslError.SSL_NOTYETVALID:
message = "The certificate is not yet valid.";
break;
}
message += " Do you want to continue anyway?";
return message;
}
Edit: The error turned yellow on the Play Console after a while, then it stopped coming at all.编辑:一段时间后,错误在 Play 控制台上变成黄色,然后就完全停止了。 And I got an email that the error persists.我得到一个 email 错误仍然存在。 I don't understand why this is so.我不明白为什么会这样。
I'm on version 75 right now.我现在的版本是 75。
1 个解决方案
解决方案1
1 2023-05-15 12:26:34
Although you have handled the onReceivedSslError in all WebViewClient s and shown the required warning message, it is possible that there are still some code paths that are not handled properly.尽管您已经处理了所有WebViewClient中的onReceivedSslError并显示了所需的警告消息,但仍有可能存在一些代码路径未正确处理。
If you reviewed your code again and made sure that you are handling all possible scenarios in the onReceivedSslError method (including showing the warning message properly), make sure that you disabled SSL/TLS certificate validation.如果您再次检查您的代码并确保您正在处理onReceivedSslError方法中的所有可能情况(包括正确显示警告消息),请确保您禁用了 SSL/TLS 证书验证。
Could you please post the code snippet in the screenshot, in textual form, to be examined in more detail?您能否以文本形式在屏幕截图中发布代码片段,以便更详细地检查?
UPDATE (after OP posted code snippet):更新(在 OP 发布代码片段之后):
While it seems you have correctly implemented the SSL error handling logic in your WebViewClients, it seems that your problem lies in the way your Utilities.showAlertDialog(...) is handling proceed() vs. cancel() .虽然您似乎已经在 WebViewClients 中正确实现了 SSL 错误处理逻辑,但您的问题似乎在于Utilities.showAlertDialog(...)处理proceed()与cancel()的方式。
In my working code (also deployed to Google Play, without an issue), my dialog allows clicking "proceed" or "cancel" for all errors, except for SSL_IDMISMATCH which is always handled as "proceed":在我的工作代码中(也已部署到 Google Play,没有问题),我的对话框允许针对所有错误单击“继续”或“取消”,但SSL_IDMISMATCH除外,它始终被处理为“继续”:
if (error.getPrimaryError() != SslError.SSL_IDMISMATCH) {
final AlertDialog dialog = builder.create();
dialog.show();
}
else {
handler.proceed();
}
Does this help?这有帮助吗?
UPDATE II (after OP responded that the above did not help):更新 II (在 OP 回应上述内容无济于事之后):
I am posting here the complete onReceivedSslError(...) that works on Google Play:我在这里发布了适用于 Google Play 的完整onReceivedSslError(...) :
@Override
public void onReceivedSslError (WebView view, final SslErrorHandler handler, SslError error) {
final AlertDialog.Builder builder = new AlertDialog.Builder(this.mMeWebView.getContext());
String message;
switch (error.getPrimaryError()) {
case SslError.SSL_EXPIRED:
message = "The certificate has expired.";
break;
case SslError.SSL_IDMISMATCH:
message = "The certificate Hostname mismatch.";
break;
case SslError.SSL_NOTYETVALID:
message = "The certificate is not yet valid.";
break;
case SslError.SSL_UNTRUSTED:
message = "The certificate authority is not trusted.";
break;
default:
message = "Unknown SSL error.";
break;
}
message += " Do you want to continue anyway?";
builder.setTitle("SSL Certificate Error");
builder.setMessage(message);
builder.setPositiveButton("continue", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
handler.proceed();
}
});
builder.setNegativeButton("cancel", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
handler.cancel();
}
});
if (error.getPrimaryError() != SslError.SSL_IDMISMATCH) {
final AlertDialog dialog = builder.create();
dialog.show();
}
else {
handler.proceed();
}
}
It is not pretty as yours (Java8+ guidelines) but it works.它不像您的那样漂亮(Java8+ 指南),但它可以工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.