Comments (13)
wendux
commented on August 25, 2024
4
证书校验相关内容已添加到文档 https://github.com/flutterchina/dio#https-certificate-verification
from dio.
wendux
commented on August 25, 2024
这样应该是可以的,可以将你的证书加到证书链中,你也可以参考 #32 ,通过badCertificateCallback来校验
from dio.
cdoky
commented on August 25, 2024
@wendux 你好,我参考了 #32 和 #33 .
但是, 貌似还是不行
main.dart
import 'package:flutter/material.dart';
import 'dart:io';
import 'package:dio/dio.dart';
void main() async {
HttpOverrides.global = new MyHttpOverrides();
runApp(new MyApp());
}
class MyApp extends StatelessWidget {
// This widget is the root of your application.
@override
Widget build(BuildContext context) {
return new MaterialApp(
title: 'Flutter Demo',
theme: new ThemeData(
primarySwatch: Colors.blue,
),
home: new MyHomePage(title: 'Flutter Demo Home Page'),
);
}
}
class MyHomePage extends StatefulWidget {
MyHomePage({Key key, this.title}) : super(key: key);
final String title;
@override
_MyHomePageState createState() => new _MyHomePageState();
}
class MyHttpOverrides extends HttpOverrides{
@override
HttpClient createHttpClient(SecurityContext context){
HttpClient client= super.createHttpClient(context); //<<--- notice 'super'
client.badCertificateCallback = (X509Certificate cert, String host, int port ){
print(cert.sha1);
return false;
};
return client;
}
}
class _MyHomePageState extends State<MyHomePage> {
int _counter = 0;
Dio dio = Dio();
void _incrementCounter() {
setState(() {//
_counter++;
});
}
@override
Widget build(BuildContext context) {
this.dio.get("https://github.com/flutterchina/dio/issues/61").then((response){
print(response);
}, onError: (){
});
return new Scaffold(
appBar: new AppBar(
title: new Text(widget.title),
),
body: new Center(
child: new Column(
mainAxisAlignment: MainAxisAlignment.center,
children: <Widget>[
new Text(
'You have pushed the button this many times:',
),
new Text(
'$_counter',
style: Theme.of(context).textTheme.display1,
),
],
),
),
floatingActionButton: new FloatingActionButton(
onPressed: _incrementCounter,
tooltip: 'Increment',
child: new Icon(Icons.add),
), // This trailing comma makes auto-formatting nicer for build methods.
);
}
}另外,我使用dio版本1.0.3,没有options.trustSelfSignedCerts这个属性
from dio.
wendux
commented on August 25, 2024
you should return true if it is your own certificate.
from dio.
cdoky
commented on August 25, 2024
@wendux
如果返回false,那么应该就是证书验证失败?
如果证书验证失败,那么就不应该会有数据请求吧?
但是,我现在还是能请求到数据
from dio.
wendux
commented on August 25, 2024
你确定走到这个回调中了吗?
from dio.
cdoky
commented on August 25, 2024
我确定这个回调没走到
from dio.
wendux
commented on August 25, 2024
试试这样:
dio.onHttpClientCreate = (HttpClient client) {
print("dio xxxx");
client.badCertificateCallback =
(X509Certificate cert, String host, int port) {
//校验逻辑
return true;
};
};from dio.
cdoky
commented on August 25, 2024
@override
void initState() {
// TODO: implement initState
super.initState();
dio.onHttpClientCreate = (HttpClient client) {
print("dio xxxx");
client.badCertificateCallback =
(X509Certificate cert, String host, int port) {
//校验逻辑
print("dio x509");
return true;
};
};
}只打印了dio xxxx
未打印dio x509
from dio.
wendux
commented on August 25, 2024
你请求的是github 的网址吗(你贴的代码中),如果是的话当然就不会走到这了,因为github的证书是有效的
from dio.
cdoky
commented on August 25, 2024
那这就尴尬了,我想要实现的功能是:我要验证证书是不是我的证书,已防止证书欺骗
from dio.
wendux
commented on August 25, 2024
@INFT 你的证书如果是自签名证书,那么默认不被信任,直接请求你的服务器,就会走到此回调。如果你的证书是可信CA颁发的,并且你请求的domain包含在证书里,便会自动通过验证,因为别人伪造不了(除非CA乱发证书),这是Dart自动执行的验证,如果请求的domain没在证书里,那就说明此证书并非你的,证书检验失败,此时也会进入此回调。如果你想无论证书是否有效,都想自己检验,目前Dart没有提供这样的回调。
from dio.
cdoky
commented on August 25, 2024
o.o
看起来我的需求是无法实现了
from dio.
Related Issues (20)
- Access response data type <T> in Interceptor. HOT 5
- SOCKS5 PROXY SUPPORT HOT 1
- Dio on Windows : Invalid media type: expected no more input. HOT 3
- I cannot set a content-type of a form-data field HOT 5
- DioException (DioException [bad response]: This exception was thrown because the response has a status code of 401 and RequestOptions.validateStatus was configured to throw for this status code. HOT 3
- The connection errored: Connection refused This indicates an error which most likely cannot be solved by the library. HOT 3
- [Web] ERROR_TYPE: DioExceptionType.connectionError HOT 2
- Flutter web deployment HOT 1
- [Dio native adapter] proxy HOT 2
- Exception has occurred. DioException (DioException [bad response]: This exception was thrown because the response has a status code of 401 and RequestOptions.validateStatus was configured to throw for this status code. The status code of 401 has the following meaning: "Client error - the request contains bad syntax or cannot be fulfilled" Read more about status codes at https://developer.mozilla.org/en-US/docs/Web/HTTP/Status In order to resolve this exception you typically have either to verify and fix your request code or you have to fix the server code. ) HOT 1
- error 404 when trying to download a file. HOT 3
- How to mock Dio.interceptors.add when write unit test? HOT 1
- Conditionally allows relative path for `baseUrl` HOT 11
- Need a way to catch DioException [request cancelled] from the caller code HOT 3
- 有没有大佬帮我看看我的代码有什么问题,handler.resolve(res) 后,原始请求返回值一直为空,不知道为什么? HOT 1
- I don't know where the problem is with my code. After handler.reslove(res), the return value of the original request is always empty. HOT 3
- [Flutter Web] dio.get() sends options. HOT 1
- How to use handler.reject in onError of QueuedInterceptor HOT 1
- [native_dio_adapter] Exception fetching LoggerImpl class HOT 4
- http请求头不标准,大小写全部错误 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dio.