From: Soren Stoutner When visiting an encrypted URL (one that begins with HTTPS), the webserver uses an SSL certificate to both encrypt the information sent to the browser and to identify the server.
+ The purpose of the server identification is to prevent a machine located between the browser and the webserver from pretending to be the server and decrypting the information in transit.
+ This type of attack is known as a Man In The Middle (MITM) attack. SSL certificates are generated by certificate authorities: companies that verify a serverâs identity and produce a certificate for a fee.
+ Android has a list of trusted certificate authorities, and will accept any of their certificates for any website.
+ It isnât supposed to be possible for an organization to acquire an SSL certificate for a domain they do not control, but in practice many governments and large corporations have been able to do so. The purpose of SSL certificate pinning is to tell the browser that only one specific SSL certificate is to be trusted for a particular domain. Any other certificate, even if it is valid, will be rejected. SSL certificates expire on a specified date, so even pinned SSL certificates will legitimately need to be updated from time to time.
+ As a general rule, pinning SSL certificates probably isnât needed in the majority of cases.
+ But for those who suspect that powerful organizations may be targeting them, SSL certificate pinning can detect and thwart a MITM attack. SSL certificates can be pinned in Domain Settings.
+ Besides protecting against MITM attacks, pinning a self-signed certificate for a device like a wireless router or access point will remove the error message that is normally presented every time its website is loaded. Connect with Confidence
+
+
Privacy Browser nutzt standardmäÃig den auf dem Gerät in WebView integrierten User Agent. - Sie können nachsehen, welcher es ist, wenn Sie in die Einstellungen gehen und den User - Agent auf WebView-Standard stellen. Der Screenshot unten zeigt ein Nexus 6P mit Android 6.0.1 - und installiertem Android System WebView 52.0.2743.98.
+ Sie können nachsehen, welcher es ist, wenn Sie in die Einstellungen gehen und den User Agent auf WebView-Standard stellen. + Der Screenshot unten zeigt ein Nexus 6P mit Android 7.1.2 und installiertem Android System WebView 60.0.3112.107. diff --git a/app/src/main/assets/de/images/advertising_id.png b/app/src/main/assets/de/images/advertising_id.png index 6cad3631..5b4978e1 100644 Binary files a/app/src/main/assets/de/images/advertising_id.png and b/app/src/main/assets/de/images/advertising_id.png differ diff --git a/app/src/main/assets/de/images/domain_settings.png b/app/src/main/assets/de/images/domain_settings.png index 16493855..c4fe96db 100644 Binary files a/app/src/main/assets/de/images/domain_settings.png and b/app/src/main/assets/de/images/domain_settings.png differ diff --git a/app/src/main/assets/de/images/pinned_ssl_certificate.png b/app/src/main/assets/de/images/pinned_ssl_certificate.png new file mode 100644 index 00000000..363a1dc0 Binary files /dev/null and b/app/src/main/assets/de/images/pinned_ssl_certificate.png differ diff --git a/app/src/main/assets/de/images/ssl_certificate_mismatch.png b/app/src/main/assets/de/images/ssl_certificate_mismatch.png new file mode 100644 index 00000000..e437c8b7 Binary files /dev/null and b/app/src/main/assets/de/images/ssl_certificate_mismatch.png differ diff --git a/app/src/main/assets/de/images/tor.png b/app/src/main/assets/de/images/tor.png index 376d1e8c..d2c88469 100644 Binary files a/app/src/main/assets/de/images/tor.png and b/app/src/main/assets/de/images/tor.png differ diff --git a/app/src/main/assets/de/images/user_agent.png b/app/src/main/assets/de/images/user_agent.png index 3e26e775..96c6c911 100644 Binary files a/app/src/main/assets/de/images/user_agent.png and b/app/src/main/assets/de/images/user_agent.png differ diff --git a/app/src/main/assets/en/guide_ssl_certificate_pinning.html b/app/src/main/assets/en/guide_ssl_certificate_pinning.html index df3271bb..a06431bd 100644 --- a/app/src/main/assets/en/guide_ssl_certificate_pinning.html +++ b/app/src/main/assets/en/guide_ssl_certificate_pinning.html @@ -41,7 +41,7 @@ -When visiting an encrypted URL (one that begins with HTTPS), the webserver uses an SSL certificate to both encrypt the information sent to the browser and to identify the server. The purpose of the server identification is to prevent a machine located between the browser and the webserver from pretending to be the server and decrypting the information in transit. diff --git a/app/src/main/assets/en/guide_user_agent.html b/app/src/main/assets/en/guide_user_agent.html index a8c6238c..096793bc 100644 --- a/app/src/main/assets/en/guide_user_agent.html +++ b/app/src/main/assets/en/guide_user_agent.html @@ -45,26 +45,31 @@
When web browsers connect to websites, they send a user agent, which identifies the browser and the rendering capabilities it possesses. The web server can use this information to decide which version of the - website to send to the browser. For example, many websites have different versions for desktop and mobile browsers.
+When web browsers connect to websites, they send a user agent, which identifies the browser and the rendering capabilities it possesses. + The web server can use this information to decide which version of the website to send to the browser. + For example, many websites have different versions for desktop and mobile browsers.
-By default, Privacy Browser uses its own user agent, which is PrivacyBrowser/1.0. This sends a minimum of information to the web server. Because web servers do not recognize this to be a mobile user agent, - they typically display the desktop version of the site.
+By default, Privacy Browser uses its own user agent, which is PrivacyBrowser/1.0. This sends a minimum of information to the web server. + Because web servers do not recognize this to be a mobile user agent, they typically display the desktop version of the site.
-By comparison, WebViewâs default user agent divulges a large amount of information about the hardware and software of the device. On the Settings screen, selecting WebView Default as the - User agent displays the user agent that will be sent. The screenshot below shows a Nexus 6P running Android 7.1.1 with Android System WebView 55.0.2883.91 installed. Most web servers will recognize this as - a mobile browser and will display the mobile version of the site if they have one.
+By comparison, WebViewâs default user agent divulges a large amount of information about the hardware and software of the device. + On the Settings screen, selecting WebView Default as the User agent displays the user agent that will be sent. + The screenshot below shows a Nexus 6P running Android 7.1.2 with Android System WebView 60.0.3112.107 installed. + Most web servers will recognize this as a mobile browser and will display the mobile version of the site if they have one.
-There is enough information in the user agent that sometimes only a few visitors to a website will be the same. If the user agent is combined with another piece of non-unique identifying information, often it results in a unique fingerprint. - The Electronic Frontier Foundation created a tool called Panopticlick to demonstrate how much information can be gleaned from these sources. If this test is run with JavaScript enabled the - amount of information that is disclosed increases greatly. Browser Leaks and Am I Unique are also good sources of information.
+There is enough information in the user agent that sometimes only a few visitors to a website will be the same. + If the user agent is combined with another piece of non-unique identifying information, often it results in a unique fingerprint. + The Electronic Frontier Foundation created a tool called Panopticlick to demonstrate how much information can be gleaned from these sources. + If this test is run with JavaScript enabled the amount of information that is disclosed increases greatly. + Browser Leaks and Am I Unique are also good sources of information.
-There are several preset user agents that match common browsers and operating systems. For browser fingerprinting purposes, anything that is rare is easier to track. If Privacy Browser becomes common and many people use PrivacyBrowser/1.0 - as their user agent, it will be a good choice for privacy. Firefox or Chrome are the most common user agents, but they auto-update and their version numbers change so quickly that it is likely the user agents included in Privacy Browser +
There are several preset user agents that match common browsers and operating systems. For browser fingerprinting purposes, anything that is rare is easier to track. + If Privacy Browser becomes common and many people use PrivacyBrowser/1.0 as their user agent, it will be a good choice for privacy. + Firefox or Chrome are the most common user agents, but they auto-update and their version numbers change so quickly that it is likely the user agents included in Privacy Browser will often be out of step with the majority of user agents in the server logs.
Androidâs WebView does not allow the user agent to be blank. If it is, WebView simply sends the default user agent to the server.
diff --git a/app/src/main/assets/en/images/advertising_id.png b/app/src/main/assets/en/images/advertising_id.png index 7f05a57b..2d811f3c 100644 Binary files a/app/src/main/assets/en/images/advertising_id.png and b/app/src/main/assets/en/images/advertising_id.png differ diff --git a/app/src/main/assets/en/images/domain_settings.png b/app/src/main/assets/en/images/domain_settings.png index 3d4e9d02..b768699b 100644 Binary files a/app/src/main/assets/en/images/domain_settings.png and b/app/src/main/assets/en/images/domain_settings.png differ diff --git a/app/src/main/assets/en/images/green_url_bar.png b/app/src/main/assets/en/images/green_url_bar.png index 778ba0b6..93045bcd 100644 Binary files a/app/src/main/assets/en/images/green_url_bar.png and b/app/src/main/assets/en/images/green_url_bar.png differ diff --git a/app/src/main/assets/en/images/panopticlick.png b/app/src/main/assets/en/images/panopticlick.png index e8170c09..509e5676 100644 Binary files a/app/src/main/assets/en/images/panopticlick.png and b/app/src/main/assets/en/images/panopticlick.png differ diff --git a/app/src/main/assets/en/images/tor.png b/app/src/main/assets/en/images/tor.png index f6495fa2..fd029995 100644 Binary files a/app/src/main/assets/en/images/tor.png and b/app/src/main/assets/en/images/tor.png differ diff --git a/app/src/main/assets/en/images/user_agent.png b/app/src/main/assets/en/images/user_agent.png index f55c5cc7..3e5fb3c3 100644 Binary files a/app/src/main/assets/en/images/user_agent.png and b/app/src/main/assets/en/images/user_agent.png differ diff --git a/app/src/main/assets/en/images/webkay.png b/app/src/main/assets/en/images/webkay.png index 09a1b5e7..da008421 100644 Binary files a/app/src/main/assets/en/images/webkay.png and b/app/src/main/assets/en/images/webkay.png differ diff --git a/app/src/main/assets/es/guide_javascript.html b/app/src/main/assets/es/guide_javascript.html index 0dad0931..1f7a577d 100644 --- a/app/src/main/assets/es/guide_javascript.html +++ b/app/src/main/assets/es/guide_javascript.html @@ -70,8 +70,8 @@ (los cuales indican que Javascript está deshabilitado) y rojo (Javascript habilitado). Revisar la diferente información que webkay puede recoger con Javascript habilitado y deshabilitado es informativo. -Navegar por internet con Javascript deshabilitado, y sólo habilitarlo cuando sea necesario, hace mucho en proteger la privacidad del usuario. Además, Javascript se usa para cargar muchos de - los molestos anuncios y demás basura que viene con las más modernas páginas web. Al deshabilitarlo, las páginas web cargarán más rápido, consumirán menos tráfico de red, - y contendrán menos molestos anuncios, en lugar de aquellos que hacen cosas como cubrir el texto de toda la página web.
+Navegar por internet con Javascript deshabilitado, y sólo habilitarlo cuando sea necesario, hace mucho en proteger la privacidad del usuario. + Además, Javascript se usa para cargar muchos de los molestos anuncios y demás basura que viene con las más modernas páginas web. + Al deshabilitarlo, las páginas web cargarán más rápido, consumirán menos tráfico de red y contendrán menos anuncios molestos, como aquellos que cubren el texto de toda la página web.
\ No newline at end of file diff --git a/app/src/main/assets/es/guide_ssl_certificate_pinning.html b/app/src/main/assets/es/guide_ssl_certificate_pinning.html new file mode 100644 index 00000000..e24ba756 --- /dev/null +++ b/app/src/main/assets/es/guide_ssl_certificate_pinning.html @@ -0,0 +1,67 @@ + + + + + + + + + +Al visitar una URL cifrada (que empieza con HTTPS), el servidor web usa un certificado SSL para cifrar tanto la información enviada al navegador como asimismo para identificar al servidor. + El propósito de la identificación del servidor es para prevenir que una máquina ubicada entre el navegador y el servidor web pretenda ser el servidor y descifrar la información en tránsito. + Este clase de ataque es conocido como Hombre en Medio (MITM en sus iniciales en inglés). + Los certificados SSL son generados por las autoridades certificadoras: compañÃas que verifican la identidad de un servidor y producen un certificado a cambio de una tarifa. + Android tiene una lista de autoridades certificadoras de confianza y aceptará cualquiera de sus certificados para cualquier página web. + Se supone que no es posible que una organización adquiera un certificado SSL para un dominio que no controla, pero en la práctica muchos gobiernos y grandes corporaciones han sido capaces de hacerlo.
+ +El propósito de la fijación de certificado SSL es para decir al navegador que sólo un certificado SSL especÃfico es confiable para un dominio particular. + Cualquier otro certificado, aunque sea válido, será rechazado.
+ + + +Los certificados SSL expiran en una fecha especificada, por lo que incluso los certificados SSL fijados necesitarán legÃtimamente ser actualizados de vez en cuando. + Como regla general, fijar los certificados SSL probablemente no sea necesario en la mayorÃa de los casos. + Pero para aquellos que sospechan que organizaciones poderosas puedan estar aputando hacia ellos, la fijación de certificados SSL puede detectar y frustar un ataque MITM.
+ + + +Los certificados SSL pueden ser fijados en Configuración de Dominios. + Además de proteger contra ataques MITM, fijar un certificado autofirmado para un dispositivo como un router inalámbrico o punto de acceso eliminará el mensaje de error que se presenta normalmente cada vez que se carga su página web.
+ + \ No newline at end of file diff --git a/app/src/main/assets/es/guide_user_agent.html b/app/src/main/assets/es/guide_user_agent.html index f3cdca19..f32e67d9 100644 --- a/app/src/main/assets/es/guide_user_agent.html +++ b/app/src/main/assets/es/guide_user_agent.html @@ -56,7 +56,7 @@En comparación, el agente de usuario por defecto de WebView divulga una gran cantidad de información sobre el hardware y el software del dispositivo. En la ventana Configuración, seleccionando WebView por defecto como el Agente de usuario muestra el agente de usuario que se enviará. - La captura de pantalla de abajo muestra un Nexus 6P corriendo Android 7.1.1 con el sistema de android WebView 55.0.2883.91 instalado. + La captura de pantalla de abajo muestra un Nexus 6P corriendo Android 7.1.2 con el sistema de android WebView 60.0.3112.107 instalado. La mayorÃa de servidores web reconocerán esto como un navegador móvil y mostrará la versión móvil del sitio si dispone de ella.
diff --git a/app/src/main/assets/es/images/advertising_id.png b/app/src/main/assets/es/images/advertising_id.png index 66efaaf7..b4c22825 100644 Binary files a/app/src/main/assets/es/images/advertising_id.png and b/app/src/main/assets/es/images/advertising_id.png differ diff --git a/app/src/main/assets/es/images/domain_settings.png b/app/src/main/assets/es/images/domain_settings.png index ddeb0025..949a2cc3 100644 Binary files a/app/src/main/assets/es/images/domain_settings.png and b/app/src/main/assets/es/images/domain_settings.png differ diff --git a/app/src/main/assets/es/images/pinned_ssl_certificate.png b/app/src/main/assets/es/images/pinned_ssl_certificate.png new file mode 100644 index 00000000..7572d9d5 Binary files /dev/null and b/app/src/main/assets/es/images/pinned_ssl_certificate.png differ diff --git a/app/src/main/assets/es/images/ssl_certificate_mismatch.png b/app/src/main/assets/es/images/ssl_certificate_mismatch.png new file mode 100644 index 00000000..39dac108 Binary files /dev/null and b/app/src/main/assets/es/images/ssl_certificate_mismatch.png differ diff --git a/app/src/main/assets/es/images/tor.png b/app/src/main/assets/es/images/tor.png index 1b6cd109..b470bbf9 100644 Binary files a/app/src/main/assets/es/images/tor.png and b/app/src/main/assets/es/images/tor.png differ diff --git a/app/src/main/assets/es/images/user_agent.png b/app/src/main/assets/es/images/user_agent.png index 1bdc7b84..1164e0bc 100644 Binary files a/app/src/main/assets/es/images/user_agent.png and b/app/src/main/assets/es/images/user_agent.png differ diff --git a/app/src/main/assets/it/guide_ssl_certificate_pinning.html b/app/src/main/assets/it/guide_ssl_certificate_pinning.html new file mode 100644 index 00000000..8fb49250 --- /dev/null +++ b/app/src/main/assets/it/guide_ssl_certificate_pinning.html @@ -0,0 +1,65 @@ + + + + + + + + + +When visiting an encrypted URL (one that begins with HTTPS), the webserver uses an SSL certificate to both encrypt the information sent to the browser and to identify the server. + The purpose of the server identification is to prevent a machine located between the browser and the webserver from pretending to be the server and decrypting the information in transit. + This type of attack is known as a Man In The Middle (MITM) attack. SSL certificates are generated by certificate authorities: companies that verify a serverâs identity and produce a certificate for a fee. + Android has a list of trusted certificate authorities, and will accept any of their certificates for any website. + It isnât supposed to be possible for an organization to acquire an SSL certificate for a domain they do not control, but in practice many governments and large corporations have been able to do so.
+ +The purpose of SSL certificate pinning is to tell the browser that only one specific SSL certificate is to be trusted for a particular domain. Any other certificate, even if it is valid, will be rejected.
+ + + +SSL certificates expire on a specified date, so even pinned SSL certificates will legitimately need to be updated from time to time. + As a general rule, pinning SSL certificates probably isnât needed in the majority of cases. + But for those who suspect that powerful organizations may be targeting them, SSL certificate pinning can detect and thwart a MITM attack.
+ + + +SSL certificates can be pinned in Domain Settings. + Besides protecting against MITM attacks, pinning a self-signed certificate for a device like a wireless router or access point will remove the error message that is normally presented every time its website is loaded.
+ + \ No newline at end of file diff --git a/app/src/main/assets/it/guide_user_agent.html b/app/src/main/assets/it/guide_user_agent.html index be408e72..308335c2 100644 --- a/app/src/main/assets/it/guide_user_agent.html +++ b/app/src/main/assets/it/guide_user_agent.html @@ -50,23 +50,27 @@Nel momento in cui un browser si connette ai siti web, invia uno user agent che identifica il browser e le sue caratteristiche di rendering. Il web server può utilizzare tali informazioni per decidere quale versione del sito inviare al browser. Molti siti web infatti sono disponibili in versioni diverse a seconda che vi si acceda con browser da PC (desktop) o da dispositivo mobile.
-Per default Privacy Browser utilizza un proprio user agent (o identificazione), ovvero PrivacyBrowser/1.0. Questo invia un set minimo di informazioni al web server. Dal momento che i web server non lo riconoscono come uno user agent di un dispositivo mobile, - generalmente inviano la versione desktop del sito.
+Per default Privacy Browser utilizza un proprio user agent (o identificazione), ovvero PrivacyBrowser/1.0. Questo invia un set minimo di informazioni al web server. + Dal momento che i web server non lo riconoscono come uno user agent di un dispositivo mobile, generalmente inviano la versione desktop del sito.
-In confronto, lo user agent di default di WebView invia una grande quantità di informazioni sull'hardware e sul software del dispositivo. Sulla schermata Settings, selezionando WebView Default come - User agent viene mostrato lo user agent che sarà inviato al web server. Lo screenshot sottostante mostra un Nexus 6P con Android 7.1.1 con installato Android System WebView 55.0.2883.91. La maggior parte dei web server lo riconoscerà come - browser mobile e invierà la versione mobile del sito, se disponibile.
+In confronto, lo user agent di default di WebView invia una grande quantità di informazioni sull'hardware e sul software del dispositivo. + Sulla schermata Settings, selezionando WebView Default come User agent viene mostrato lo user agent che sarà inviato al web server. + Lo screenshot sottostante mostra un Nexus 6P con Android 7.1.2 con installato Android System WebView 60.0.3112.107. + La maggior parte dei web server lo riconoscerà come browser mobile e invierà la versione mobile del sito, se disponibile.
-Nello user agent sono presenti informazioni sufficienti a far sì che solo di tanto in tanto a un sito web risulteranno visitatori identici. Se allo user agent viene aggiunto qualche altro pezzetto di informazione anche non univoca, spesso il risultato sarà quello di avere una impronta digitale unica. - La Electronic Frontier Foundation ha creato un tool dal nome Panopticlick per dimostrare quante informazioni possono essere raccolte. Se si esegue questo test con JavaScript abilitato - la quantità di informazioni è poi ancora maggiore. Browser Leaks e Am I Unique possono fornire ulteriori interessanti informazioni al riguardo.
+Nello user agent sono presenti informazioni sufficienti a far sì che solo di tanto in tanto a un sito web risulteranno visitatori identici. + Se allo user agent viene aggiunto qualche altro pezzetto di informazione anche non univoca, spesso il risultato sarà quello di avere una impronta digitale unica. + La Electronic Frontier Foundation ha creato un tool dal nome Panopticlick per dimostrare quante informazioni possono essere raccolte. + Se si esegue questo test con JavaScript abilitato la quantità di informazioni è poi ancora maggiore. + Browser Leaks e Am I Unique possono fornire ulteriori interessanti informazioni al riguardo.
-Sono disponibili diversi user agent predefiniti che identificano i browser e i sistemi operativi più comuni. Dal punto di vista dell'impronta digitale del browser, più è rara, più è facile da tracciare. Nel caso in cui Privacy Browser diventi di uso comune, e molti utenti utilizzino PrivacyBrowser/1.0 - come user agent, sarà una buona scelta dal punto di vista della privacy. Firefox o Chrome sono gli user agents più comuni, ma vengono aggiornati spesso e il loro numero di versione cambia così di frequente che lo user agent incluso in Privacy Browser molto facilmente +
Sono disponibili diversi user agent predefiniti che identificano i browser e i sistemi operativi più comuni. Dal punto di vista dell'impronta digitale del browser, più è rara, più è facile da tracciare. + Nel caso in cui Privacy Browser diventi di uso comune, e molti utenti utilizzino PrivacyBrowser/1.0 come user agent, sarà una buona scelta dal punto di vista della privacy. + Firefox o Chrome sono gli user agents più comuni, ma vengono aggiornati spesso e il loro numero di versione cambia così di frequente che lo user agent incluso in Privacy Browser molto facilmente sarà rimasto indietro rispetto alla maggior parte degli user agent tracciati nei log dei server.
WebView di Android non permette che lo user agent non sia specificato. In tal caso infatti, WebView invia al server lo user agent di default.
diff --git a/app/src/main/assets/it/images/advertising_id.png b/app/src/main/assets/it/images/advertising_id.png index b596fadb..c0a66699 100644 Binary files a/app/src/main/assets/it/images/advertising_id.png and b/app/src/main/assets/it/images/advertising_id.png differ diff --git a/app/src/main/assets/it/images/domain_settings.png b/app/src/main/assets/it/images/domain_settings.png index f86a2b76..42dda2a6 100644 Binary files a/app/src/main/assets/it/images/domain_settings.png and b/app/src/main/assets/it/images/domain_settings.png differ diff --git a/app/src/main/assets/it/images/pinned_ssl_certificate.png b/app/src/main/assets/it/images/pinned_ssl_certificate.png new file mode 100644 index 00000000..9e9ed394 Binary files /dev/null and b/app/src/main/assets/it/images/pinned_ssl_certificate.png differ diff --git a/app/src/main/assets/it/images/ssl_certificate_mismatch.png b/app/src/main/assets/it/images/ssl_certificate_mismatch.png new file mode 100644 index 00000000..8826bb1d Binary files /dev/null and b/app/src/main/assets/it/images/ssl_certificate_mismatch.png differ diff --git a/app/src/main/assets/it/images/tor.png b/app/src/main/assets/it/images/tor.png index fe626c22..4d084959 100644 Binary files a/app/src/main/assets/it/images/tor.png and b/app/src/main/assets/it/images/tor.png differ diff --git a/app/src/main/assets/it/images/user_agent.png b/app/src/main/assets/it/images/user_agent.png index 0e6a4b1e..a382d8f8 100644 Binary files a/app/src/main/assets/it/images/user_agent.png and b/app/src/main/assets/it/images/user_agent.png differ diff --git a/app/src/main/java/com/stoutner/privacybrowser/activities/GuideActivity.java b/app/src/main/java/com/stoutner/privacybrowser/activities/GuideActivity.java index ea19f3a3..68be2b5e 100644 --- a/app/src/main/java/com/stoutner/privacybrowser/activities/GuideActivity.java +++ b/app/src/main/java/com/stoutner/privacybrowser/activities/GuideActivity.java @@ -76,7 +76,7 @@ public class GuideActivity extends AppCompatActivity { @Override // Get the count of the number of tabs. public int getCount() { - return 7; + return 8; } @Override diff --git a/app/src/main/java/com/stoutner/privacybrowser/activities/MainWebViewActivity.java b/app/src/main/java/com/stoutner/privacybrowser/activities/MainWebViewActivity.java index 975814a6..33ae5b2d 100644 --- a/app/src/main/java/com/stoutner/privacybrowser/activities/MainWebViewActivity.java +++ b/app/src/main/java/com/stoutner/privacybrowser/activities/MainWebViewActivity.java @@ -153,7 +153,6 @@ public class MainWebViewActivity extends AppCompatActivity implements Navigation // The pinned domain SSL Certificate variables are public static so they can be accessed from `PinnedSslCertificateMismatchDialog`. They are also used in `onCreate()` and `applyDomainSettings()`. public static int domainSettingsDatabaseId; - public static boolean pinnedDomainSslCertificate; public static String pinnedDomainSslIssuedToCNameString; public static String pinnedDomainSslIssuedToONameString; public static String pinnedDomainSslIssuedToUNameString; @@ -313,6 +312,9 @@ public class MainWebViewActivity extends AppCompatActivity implements Navigation // `urlIsLoading` is used in `onCreate()`, `loadUrl()`, and `applyDomainSettings()`. private boolean urlIsLoading; + // `pinnedDomainSslCertificate` is used in `onCreate()` and `applyDomainSettings()`. + private boolean pinnedDomainSslCertificate; + @Override // Remove Android Studio's warning about the dangers of using SetJavaScriptEnabled. The whole premise of Privacy Browser is built around an understanding of these dangers. diff --git a/app/src/main/java/com/stoutner/privacybrowser/adapters/HistoryArrayAdapter.java b/app/src/main/java/com/stoutner/privacybrowser/adapters/HistoryArrayAdapter.java index a606e83d..0ebed74a 100644 --- a/app/src/main/java/com/stoutner/privacybrowser/adapters/HistoryArrayAdapter.java +++ b/app/src/main/java/com/stoutner/privacybrowser/adapters/HistoryArrayAdapter.java @@ -37,7 +37,7 @@ import java.util.ArrayList; public class HistoryArrayAdapter extends ArrayAdapter