I have added an InAppBrowser plugin into a Cordova project to access a site and get token but while the site is opening normally in desktop browsers the same is giving error while opening from mobile browser.
Also the default native browser will ask to continue in case of SSL error but the Cordova InAppBrowser is not asking for such option and instead showing an error page. I am opening the IAB using the following code :
var iab = window.open('http://www.example.com', '_blank', 'location=yes');
Any idea on how to bypass SSL erros in InAppBrowser ?
I'm going to expand on the answer to the related question (phonegap inappbrowser https pages not loading). This pertains only to Android, sorry still working on iOS.
Add this code:
public void onReceivedSslError(WebView view,
SslErrorHandler handler, SslError error) {
Log.e("Error", "Received SSL error"+ error.toString());
handler.proceed();
}
to the InAppBrower.java file from the plugin. Specifically, it should be under the InAppBrowserClient class.
Hope this helps!
Insert Proper Code from below InAppBrowser.java in to your plugin
LOCATED IN platforms\android\src\org\apache\cordova\inappbrowser\InAppBrowser.java
Filtered code from below java code:
import android.net.http.SslError;
import android.webkit.SslErrorHandler;
@SuppressLint("SetJavaScriptEnabled")
public class InAppBrowser extends CordovaPlugin {
private boolean ignoreSSLError = false;
private HashMap<String, Boolean> parseFeature(String optString) {
if (optString.equals(NULL)) {
return null;
} else {
HashMap<String, Boolean> map = new HashMap<String, Boolean>();
StringTokenizer features = new StringTokenizer(optString, ",");
StringTokenizer option;
while(features.hasMoreElements()) {
option = new StringTokenizer(features.nextToken(), "=");
if (option.hasMoreElements()) {
String key = option.nextToken();
if(key.equalsIgnoreCase(IGNORE_SSL_ERROR)) {
Boolean value = option.nextToken().equals("no") ? Boolean.FALSE : Boolean.TRUE;
map.put(key, value);
}
else {
Boolean value = option.nextToken().equals("no") ? Boolean.FALSE : Boolean.TRUE;
map.put(key, value);
}
}
}
return map;
}
}
public String showWebPage(final String url, HashMap<String, Boolean> features) {
// Determine if we should hide the location bar.
showLocationBar = true;
showZoomControls = true;
openWindowHidden = false;
ignoreSSLError = false;
if (features != null) {
Boolean show = features.get(LOCATION);
if (show != null) {
showLocationBar = show.booleanValue();
}
Boolean SSLError = features.get(IGNORE_SSL_ERROR);
if(SSLError != null){
ignoreSSLError = SSLError.booleanValue();
}
Boolean zoom = features.get(ZOOM);
if (zoom != null) {
showZoomControls = zoom.booleanValue();
}
Boolean hidden = features.get(HIDDEN);
if (hidden != null) {
openWindowHidden = hidden.booleanValue();
}
Boolean hardwareBack = features.get(HARDWARE_BACK_BUTTON);
if (hardwareBack != null) {
hadwareBackButton = hardwareBack.booleanValue();
}
Boolean cache = features.get(CLEAR_ALL_CACHE);
if (cache != null) {
clearAllCache = cache.booleanValue();
} else {
cache = features.get(CLEAR_SESSION_CACHE);
if (cache != null) {
clearSessionCache = cache.booleanValue();
}
}
}
@SuppressLint("NewApi")
public void run() {
((InAppBrowserClient) client).setSSLErrorFlag(ignoreSSLError);
}
};
this.cordova.getActivity().runOnUiThread(runnable);
return "";
}
public class InAppBrowserClient extends WebViewClient {
EditText edittext;
CordovaWebView webView;
boolean ignoreSSLError = false;
@Override
public void onReceivedSslError(WebView view, SslErrorHandler handler,
SslError error) {
if(this.ignoreSSLError) {
handler.proceed();
return;
}
else{
super.onReceivedSslError(view, handler, error);
}
}
public void setSSLErrorFlag(boolean flag) {
this.ignoreSSLError = flag;
}
}
}
THEN ADD THIS LINE IN JAVASCRIPT
var options = {
location: 'yes',
//clearcache: 'no',
toolbar: 'yes',
//clearsessioncache:'no',
zoom:'no',
ignoresslerror:'yes'
};
$scope.init = function () {
$ionicPlatform.ready(function() {
$cordovaInAppBrowser.open('https://192.168.1.80', '_blank', options)
.then(function(event) {
})
.catch(function(event) {
});
});
AFTER DONE THIS COMPILE AND EXECUTE THAT'S IT
FULL VERSION CODE
Local https links are blocked by default in InAppBrowser (links using fake SSL certificate which can't be verified by a 3rd party). Ideally, user should be given an option to proceed or cancel the request like the default desktop browsers do.
Right now, we have to additional method for accessing fake ssl in the InAppBrowser like location,zoom,hardwareback
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 我欲成王,谁敢阻挡 的文章《Bypass SSL Error in InAppBrowser Cordova Plugin》','https://www.manongdao.com/article-823113.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}