Reputation: 6167
HttpGet/Client and HTTPS
Previously, I used custom TrustManager talked about here to do this
SAXParserFactory spf = SAXParserFactory.newInstance();
SAXParser sp = spf.newSAXParser();
XMLReader xr = sp.getXMLReader();
MyXMLHandler mHandler = new MyXMLHandler();
xr.setContentHandler(mHandler);
xr.parse(new InputSource(buildUrlString()));
(where buildUrlString() returns a string containing the https:// url to call) which works fine. However, I want to now be able to send the same url an Accept-Encoding header for gzip compression. I can do that like this
HttpUriRequest request = new HttpGet(buildUrlString());
request.addHeader("Accept-Encoding", "gzip");
HttpClient httpClient = new DefaultHttpClient();
HttpResponse response = httpClient.execute(request);
InputStream instream = response.getEntity().getContent();
Header contentEncoding = response.getFirstHeader("Content-Encoding");
if ((contentEncoding != null)
&& contentEncoding.getValue().equalsIgnoreCase("gzip"))
{
instream = new GZIPInputStream(instream);
}
xr.parse(new InputSource(instream));
but that brings back the "Not trusted server certificate" error that I want to ignore. How do I make it do HTTPS? Alternatively, is there a better way to do this? (And is there something I need to check first to make sure the phone really can accept the gzipped webpages that I'm saying it can?)
Upvotes: 3
Views: 4225
Answers (2)
Reputation: 13749
If you want to use Apache HTTP client API you can keep using your custom TrustManager by extending the DefaultHttpClient
import org.apache.http.conn.ssl.SSLSocketFactory;
public class MyHttpClient extends DefaultHttpClient {
final Context context;
public MyHttpClient(Context context) {
this.context = context;
}
@Override
protected ClientConnectionManager createClientConnectionManager() {
SchemeRegistry registry = new SchemeRegistry();
registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
registry.register(new Scheme("https", newSslSocketFactory(), 443));
return new SingleClientConnManager(getParams(), registry);
}
private SSLSocketFactory newSslSocketFactory() {
try {
TrustManager tm = new MyCustomTrustManager();
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(null, new TrustManager[] {tm}, null);
SSLSocketFactory sf = new SSLSocketFactory(ctx);
return new SSLSocketFactory(ctx);
} catch (Exception e) {
throw new Error(e);
}
}
}
Upvotes: 3
Reputation: 6167
Actually this works:
URL url = new URL(buildUrlString());
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestProperty("Accept-Encoding","gzip");
InputStream instream = conn.getInputStream();
String response = conn.getContentEncoding();
if ((response != null)
&& response.equalsIgnoreCase("gzip"))
{
instream = new GZIPInputStream(instream);
}
xr.parse(new InputSource(instream));
I'm still not sure this is the best solution, though, so I'll leave the question up for a bit in case anyone has better ideas. :)
Upvotes: 1
Related Questions
- HttpGet with HTTPS : SSLPeerUnverifiedException
- Android - Sending HTTPS Get Request
- Android - HTTP GET Request
- Https simple get request
- Android SSL HttpGet (No peer certificate) error OR (Connection closed by peer) error
- Android HttpsURLConnection Problems
- Https Website using HttpURLConnection
- Requesting https using HttpURLConnection
- Apache Httpget with https url - Host is unresolved error
- Https request, authentication in Android