Skip to content

Add cleartext traffic check #122

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
akindofyoga wants to merge 16 commits into
base: main
Choose a base branch
from
Open

Add cleartext traffic check #122

akindofyoga wants to merge 16 commits into from

Conversation

@akindofyoga
Copy link

@akindofyoga akindofyoga commented Dec 4, 2019

When someone tries to open a Websocket connection without using TLS (ie "ws:" instead of "wss:") on Android 9 and newer, the connection will fail and Scarlet will not provide any information about this to the developer. This confused me as well as the author of this post.

Okhttp has a similar check here.

I check for a ClassNotFoundException, so it should not cause any issues for non-Android apps that use Scarlet.

@aaronweihe
Copy link
Collaborator

aaronweihe commented Dec 5, 2019

thanks for the contribution @rogerthat94! Just a few nits

@akindofyoga
Copy link
Author

akindofyoga commented Dec 17, 2019

Thank you for making this helpful library! I'm happy to give back with a small contribution.

I hope this addresses the nits.

@aaronweihe
Copy link
Collaborator

aaronweihe commented Apr 24, 2020

@rogerthat94 sorry it's been a while. if you can resolve conflicts, i'd be more than happy to accept this change. Thanks!

@CLAassistant
Copy link

CLAassistant commented May 8, 2020
edited
Loading

CLA assistant check
All committers have signed the CLA.

@akindofyoga
Copy link
Author

akindofyoga commented May 8, 2020

@aaronweihe No problem! I have just resolved conflicts.

@akindofyoga
Copy link
Author

akindofyoga commented Jun 16, 2020

ping @aaronweihe

@akindofyoga
Copy link
Author

akindofyoga commented Jan 12, 2022

@aaronweihe Are you still interested in this change? I can rebase it on top of the latest version of the code if so.

aaronweihe
aaronweihe approved these changes Jan 30, 2022
View reviewed changes
Copy link
Collaborator

@aaronweihe aaronweihe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good to me. Can you sign the CLA?

aaronweihe
aaronweihe reviewed Jan 30, 2022
View reviewed changes
scarlet-websocket-okhttp/src/main/java/com/tinder/scarlet/websocket/okhttp/OkHttpClientUtils.kt
fun OkHttpClient.newWebSocketFactory(url: String): WebSocket.Factory {
if (url.startsWith("ws:", ignoreCase = true)) {
try {
if ((Build.VERSION.SDK_INT > 23 &&
Copy link
Collaborator

@aaronweihe aaronweihe Jan 30, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like the Platform#isCleartextTrafficPermitted abstraction. we could tackle it in the next PR

@akindofyoga
Copy link
Author

akindofyoga commented Jan 30, 2022

Thanks! I have signed the CLA. Is there anything else that you would like me to do?

@akindofyoga akindofyoga requested a review from aaronweihe March 15, 2022 19:35
@akindofyoga
Copy link
Author

akindofyoga commented May 2, 2022

@aaronweihe Are you able to merge this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aaronweihe aaronweihe Awaiting requested review from aaronweihe

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@akindofyoga @aaronweihe @CLAassistant