- } else { // Older versions not so much.
- oldRequestHeadersBuilderLength = requestHeadersBuilder.length();
- requestHeadersBuilder.append("Accept-Encoding");
- newRequestHeadersBuilderLength = requestHeadersBuilder.length();
- requestHeadersBuilder.setSpan(new StyleSpan(Typeface.BOLD), oldRequestHeadersBuilderLength, newRequestHeadersBuilderLength, Spanned.SPAN_EXCLUSIVE_EXCLUSIVE);
- }
- requestHeadersBuilder.append(": gzip");
-
-
- // The actual network request is in a `try` bracket so that `disconnect()` is run in the `finally` section even if an error is encountered in the main block.
- try {
- // Initialize the string builders.
- responseMessageBuilder = new SpannableStringBuilder();
- responseHeadersBuilder = new SpannableStringBuilder();
+ requestHeadersBuilder.append(": gzip");
+
+ // Ignore SSL errors if requested.
+ if (ignoreSslErrors){
+ // Create a new host name verifier.
+ HostnameVerifier hostnameVerifier = (hostname, sslSession) -> {
+ // Allow all host names.
+ return true;
+ };
+
+ // Create a new trust manager.
+ TrustManager[] trustManager = new TrustManager[] {
+ new X509TrustManager() {
+ @SuppressLint("TrustAllX509TrustManager")
+ @Override
+ public void checkClientTrusted(X509Certificate[] chain, String authType) {
+ // Do nothing, which trusts all client certificates.
+ }
+
+ @SuppressLint("TrustAllX509TrustManager")
+ @Override
+ public void checkServerTrusted(X509Certificate[] chain, String authType) {
+ // Do nothing, which trusts all server certificates.
+ }
+
+ @Override
+ public X509Certificate[] getAcceptedIssuers() {
+ return null;
+ }
+ }
+ };
+
+ // Get an SSL context. `TLS` provides a base instance available from API 1. <https://developer.android.com/reference/javax/net/ssl/SSLContext>
+ SSLContext sslContext = SSLContext.getInstance("TLS");
+
+ // Initialize the SSL context with the blank trust manager.
+ sslContext.init(null, trustManager, new SecureRandom());
+
+ // Get the SSL socket factory with the blank trust manager.
+ SSLSocketFactory socketFactory = sslContext.getSocketFactory();
+
+ // Set the HTTPS URL Connection to use the blank host name verifier.
+ ((HttpsURLConnection) httpUrlConnection).setHostnameVerifier(hostnameVerifier);
+
+ // Set the HTTPS URL connection to use the socket factory with the blank trust manager.
+ ((HttpsURLConnection) httpUrlConnection).setSSLSocketFactory(socketFactory);
+ }