HttpGet/客户端和 HTTPS

发布于 2024-11-05 02:10:38 字数 1157 浏览 0 评论 0原文

以前，我使用此处讨论的自定义 TrustManager 来执行此操作

SAXParserFactory spf = SAXParserFactory.newInstance();
SAXParser sp = spf.newSAXParser();

XMLReader xr = sp.getXMLReader();
MyXMLHandler mHandler = new MyXMLHandler();
xr.setContentHandler(mHandler);

xr.parse(new InputSource(buildUrlString()));

（其中 buildUrlString() 返回一个包含要调用的 https:// url 的字符串），效果很好。但是，我现在希望能够向相同的 url 发送 Accept-Encoding 标头以进行 gzip 压缩。我可以这样做，

HttpUriRequest request = new HttpGet(buildUrlString());
request.addHeader("Accept-Encoding", "gzip");
HttpClient httpClient = new DefaultHttpClient();
HttpResponse response = httpClient.execute(request);

InputStream instream = response.getEntity().getContent();
Header contentEncoding = response.getFirstHeader("Content-Encoding");
if ((contentEncoding != null)
    && contentEncoding.getValue().equalsIgnoreCase("gzip")) 
{ 
  instream = new GZIPInputStream(instream);
} 
xr.parse(new InputSource(instream));

但这会带回我想忽略的“不受信任的服务器证书”错误。我如何让它使用 HTTPS？或者，有更好的方法来做到这一点吗？（我需要先检查一些东西，以确保手机确实可以接受我所说的 gzip 压缩网页吗？）

原文

Previously, I used custom TrustManager talked about here to do this

SAXParserFactory spf = SAXParserFactory.newInstance();
SAXParser sp = spf.newSAXParser();

XMLReader xr = sp.getXMLReader();
MyXMLHandler mHandler = new MyXMLHandler();
xr.setContentHandler(mHandler);

xr.parse(new InputSource(buildUrlString()));

(where buildUrlString() returns a string containing the https:// url to call) which works fine. However, I want to now be able to send the same url an Accept-Encoding header for gzip compression. I can do that like this

HttpUriRequest request = new HttpGet(buildUrlString());
request.addHeader("Accept-Encoding", "gzip");
HttpClient httpClient = new DefaultHttpClient();
HttpResponse response = httpClient.execute(request);

InputStream instream = response.getEntity().getContent();
Header contentEncoding = response.getFirstHeader("Content-Encoding");
if ((contentEncoding != null)
    && contentEncoding.getValue().equalsIgnoreCase("gzip")) 
{ 
  instream = new GZIPInputStream(instream);
} 
xr.parse(new InputSource(instream));

but that brings back the "Not trusted server certificate" error that I want to ignore. How do I make it do HTTPS? Alternatively, is there a better way to do this? (And is there something I need to check first to make sure the phone really can accept the gzipped webpages that I'm saying it can?)

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

空城之時有危險 2024-11-12 02:10:38

如果您想使用 Apache HTTP 客户端 API，您可以通过扩展 DefaultHttpClient 来继续使用自定义 TrustManager

import org.apache.http.conn.ssl.SSLSocketFactory;

public class MyHttpClient extends DefaultHttpClient {
  final Context context;

  public MyHttpClient(Context context) {
    this.context = context;
  }

  @Override 
  protected ClientConnectionManager createClientConnectionManager() {
    SchemeRegistry registry = new SchemeRegistry();
    registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
    registry.register(new Scheme("https", newSslSocketFactory(), 443));
    return new SingleClientConnManager(getParams(), registry);
  }

  private SSLSocketFactory newSslSocketFactory() {
    try {
      TrustManager tm = new MyCustomTrustManager();
      SSLContext ctx = SSLContext.getInstance("TLS");
      ctx.init(null, new TrustManager[] {tm}, null);
      SSLSocketFactory sf = new SSLSocketFactory(ctx);
      return new SSLSocketFactory(ctx);
    } catch (Exception e) {
      throw new Error(e);
    }
  }
}

If you want to use Apache HTTP client API you can keep using your custom TrustManager by extending the DefaultHttpClient

import org.apache.http.conn.ssl.SSLSocketFactory;

public class MyHttpClient extends DefaultHttpClient {
  final Context context;

  public MyHttpClient(Context context) {
    this.context = context;
  }

  @Override 
  protected ClientConnectionManager createClientConnectionManager() {
    SchemeRegistry registry = new SchemeRegistry();
    registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
    registry.register(new Scheme("https", newSslSocketFactory(), 443));
    return new SingleClientConnManager(getParams(), registry);
  }

  private SSLSocketFactory newSslSocketFactory() {
    try {
      TrustManager tm = new MyCustomTrustManager();
      SSLContext ctx = SSLContext.getInstance("TLS");
      ctx.init(null, new TrustManager[] {tm}, null);
      SSLSocketFactory sf = new SSLSocketFactory(ctx);
      return new SSLSocketFactory(ctx);
    } catch (Exception e) {
      throw new Error(e);
    }
  }
}

回复收藏 0 原文

允世 2024-11-12 02:10:38

实际上，这是可行的：

URL url = new URL(buildUrlString());
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestProperty("Accept-Encoding","gzip"); 

InputStream instream = conn.getInputStream();
String response = conn.getContentEncoding();
if ((response != null)
    && response.equalsIgnoreCase("gzip")) 
{ 
  instream = new GZIPInputStream(instream);
} 
xr.parse(new InputSource(instream));

不过，我仍然不确定这是最好的解决方案，所以我会暂时保留这个问题，以防有人有更好的想法。 :)

Actually this works:

URL url = new URL(buildUrlString());
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setRequestProperty("Accept-Encoding","gzip"); 

InputStream instream = conn.getInputStream();
String response = conn.getContentEncoding();
if ((response != null)
    && response.equalsIgnoreCase("gzip")) 
{ 
  instream = new GZIPInputStream(instream);
} 
xr.parse(new InputSource(instream));

I'm still not sure this is the best solution, though, so I'll leave the question up for a bit in case anyone has better ideas. :)

回复收藏 0 原文

~没有更多了~