use https everywhere. And rewrite URLs if necessary.

This commit is contained in:
Eric House 2019-01-31 11:13:08 -08:00
parent 5d36470e50
commit 2c4ce83a5b
6 changed files with 40 additions and 32 deletions

View file

@ -61,7 +61,6 @@ import org.json.JSONObject;
import java.io.Serializable;
import java.net.HttpURLConnection;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
@ -69,6 +68,7 @@ import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.net.ssl.HttpsURLConnection;
public class DictsDelegate extends ListDelegateBase
implements View.OnClickListener, AdapterView.OnItemLongClickListener,
@ -1225,7 +1225,8 @@ public class DictsDelegate extends ListDelegateBase
// parse less data
String name = null;
String proc = String.format( "listDicts?lc=%s", m_lc );
HttpURLConnection conn = NetUtils.makeHttpUpdateConn( m_context, proc );
HttpsURLConnection conn = NetUtils.makeHttpsUpdateConn( m_context,
proc );
if ( null != conn ) {
JSONObject theOne = null;
String langName = null;
@ -1310,7 +1311,8 @@ public class DictsDelegate extends ListDelegateBase
public Boolean doInBackground( Void... unused )
{
boolean success = false;
HttpURLConnection conn = NetUtils.makeHttpUpdateConn( m_context, "listDicts" );
HttpsURLConnection conn = NetUtils.makeHttpsUpdateConn( m_context,
"listDicts" );
if ( null != conn ) {
String json = NetUtils.runConn( conn, new JSONObject() );
if ( !isCancelled() ) {

View file

@ -36,7 +36,6 @@ import java.io.DataOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.net.HttpURLConnection;
import java.net.InetAddress;
import java.net.Socket;
import java.net.URL;
@ -44,6 +43,7 @@ import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import javax.net.SocketFactory;
@ -100,7 +100,7 @@ public class NetUtils {
one.put( "seed", m_obits[ii].m_seed );
params.put( one );
}
HttpURLConnection conn = makeHttpRelayConn( m_context, "kill" );
HttpsURLConnection conn = makeHttpsRelayConn( m_context, "kill" );
String resStr = runConn( conn, params );
Log.d( TAG, "runViaWeb(): kill(%s) => %s", params, resStr );
@ -194,27 +194,36 @@ public class NetUtils {
return host;
}
protected static HttpURLConnection makeHttpRelayConn( Context context,
String proc )
public static String ensureHttps( String url )
{
String result = url.replaceFirst( "^http:", "https:" );
if ( ! url.equals( result ) ) {
Log.d( TAG, "ensureHttps(%s) => %s", url, result );
}
return result;
}
protected static HttpsURLConnection makeHttpsRelayConn( Context context,
String proc )
{
String url = XWPrefs.getDefaultRelayUrl( context );
return makeHttpConn( context, url, proc );
return makeHttpsConn( context, url, proc );
}
protected static HttpURLConnection makeHttpUpdateConn( Context context,
String proc )
protected static HttpsURLConnection makeHttpsUpdateConn( Context context,
String proc )
{
String url = XWPrefs.getDefaultUpdateUrl( context );
return makeHttpConn( context, url, proc );
return makeHttpsConn( context, url, proc );
}
private static HttpURLConnection makeHttpConn( Context context,
String path, String proc )
private static HttpsURLConnection makeHttpsConn( Context context,
String path, String proc )
{
HttpURLConnection result = null;
HttpsURLConnection result = null;
try {
String url = String.format( "%s/%s", path, proc );
result = (HttpURLConnection)new URL(url).openConnection();
String url = String.format( "%s/%s", ensureHttps( path ), proc );
result = (HttpsURLConnection)new URL(url).openConnection(); // class cast exception
} catch ( java.net.MalformedURLException mue ) {
Assert.assertNull( result );
Log.ex( TAG, mue );
@ -225,17 +234,17 @@ public class NetUtils {
return result;
}
protected static String runConn( HttpURLConnection conn, JSONArray param )
protected static String runConn( HttpsURLConnection conn, JSONArray param )
{
return runConn( conn, param.toString() );
}
protected static String runConn( HttpURLConnection conn, JSONObject param )
protected static String runConn( HttpsURLConnection conn, JSONObject param )
{
return runConn( conn, param.toString() );
}
private static String runConn( HttpURLConnection conn, String param )
private static String runConn( HttpsURLConnection conn, String param )
{
String result = null;
Map<String, String> params = new HashMap<String, String>();
@ -260,7 +269,7 @@ public class NetUtils {
os.close();
int responseCode = conn.getResponseCode();
if ( HttpURLConnection.HTTP_OK == responseCode ) {
if ( HttpsURLConnection.HTTP_OK == responseCode ) {
InputStream is = conn.getInputStream();
BufferedInputStream bis = new BufferedInputStream( is );

View file

@ -41,7 +41,6 @@ import android.widget.FrameLayout;
import android.widget.Spinner;
import java.io.Serializable;
import java.net.HttpURLConnection;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Comparator;
@ -52,7 +51,6 @@ import java.util.Set;
import org.json.JSONArray;
import org.json.JSONObject;
import org.eehouse.android.xw4.DlgDelegate.Action;
public class RelayInviteDelegate extends InviteDelegate {

View file

@ -51,7 +51,6 @@ import java.io.InputStream;
import java.io.OutputStream;
import java.net.DatagramPacket;
import java.net.DatagramSocket;
import java.net.HttpURLConnection;
import java.net.InetAddress;
import java.net.Socket;
import java.util.ArrayList;
@ -63,6 +62,7 @@ import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.concurrent.atomic.AtomicReference;
import javax.net.ssl.HttpsURLConnection;
public class RelayService extends JobIntentService
implements NetStateCache.StateChangedIf {
@ -1183,8 +1183,8 @@ public class RelayService extends JobIntentService
Log.d( TAG, "sendViaWeb(): sending %d at once", packets.size() );
final RelayService service = getService();
HttpURLConnection conn = NetUtils
.makeHttpRelayConn( service, "post" );
HttpsURLConnection conn = NetUtils
.makeHttpsRelayConn( service, "post" );
if ( null == conn ) {
Log.e( TAG, "sendViaWeb(): null conn for POST" );
} else {

View file

@ -31,13 +31,12 @@ import android.net.Uri;
import android.os.AsyncTask;
import android.os.SystemClock;
import java.io.File;
import javax.net.ssl.HttpsURLConnection;
import org.eehouse.android.xw4.loc.LocUtils;
import org.json.JSONArray;
import org.json.JSONObject;
import java.io.File;
import java.net.HttpURLConnection;
public class UpdateCheckReceiver extends BroadcastReceiver {
private static final String TAG = UpdateCheckReceiver.class.getSimpleName();
@ -259,8 +258,8 @@ public class UpdateCheckReceiver extends BroadcastReceiver {
@Override
protected String doInBackground( Void... unused )
{
HttpURLConnection conn
= NetUtils.makeHttpUpdateConn( m_context, "getUpdates" );
HttpsURLConnection conn
= NetUtils.makeHttpsUpdateConn( m_context, "getUpdates" );
String json = null;
if ( null != conn ) {
json = NetUtils.runConn( conn, m_params );
@ -307,7 +306,7 @@ public class UpdateCheckReceiver extends BroadcastReceiver {
}
Intent intent;
String url = app.getString( k_URL );
String url = NetUtils.ensureHttps( app.getString( k_URL ) );
if ( useBrowser ) {
intent = new Intent( Intent.ACTION_VIEW,
Uri.parse(url) );

View file

@ -2772,6 +2772,6 @@
condition of being listed on the Google Play Store. Thus
play-via-SMS no longer works on copies of CrossWords obtained
through the Play Store (as this one was.) If you miss this feature,
please check http://eehouse.org/sms.html for updates on the
please check https://eehouse.org/sms.html for updates on the
situation.</string>
</resources>