Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Crosswalk XWalkView : Request was denied for Security (Android 7.0 and greater)

I am using Crosswalk XWalkView as my application's webview, now I am loading some website that has valid certificate and works fine in Android versions < 7.

But with Android 7.0 and greater I get this toast message REQUEST WAS DENIED FOR SECURITY

and this log

06-12 17:46:46.024 22518-22731/? I/X509Util: Failed to validate the certificate chain, error: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.

I read some similar questions like this, but the solution being posted is in Cordova (see this). I am using native android and I would like to know if how can I do this on my end (native).

quote from the link

I solved this by adding the last 3 lines of the following snippet to config.xml:

<allow-navigation href="http://*/*" />
<allow-navigation href="https://*/*" />
<allow-navigation href="data:*" />

Thanks!

Basically what I want to do is to have some whitelist like Cordova does, but I don't know if how can I achieve this using Native Android and Crosswalk. First, I don't know if there's a config.xml in native android (in cordova there is), now I really need to know on how can I implement this in my project.

like image 603
Aaron Avatar asked Jun 23 '17 06:06

Aaron


1 Answers

I was able to solve this by by following the steps from android network security config I trusted additional an certificate.

Basically, the first time I tried it I was providing the wrong SSL certificate (I assumed that it was the website itself, but the one causing the error is a host for a Javascript file being loaded in the website) in my network_security_config.xml.

website_ca is the SSL certificate file

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <base-config>
        <trust-anchors>
            <certificates src="@raw/website_ca"/>
            <certificates src="system"/>
        </trust-anchors>
    </base-config>
</network-security-config>

It works fine now.

like image 153
Aaron Avatar answered Nov 05 '22 18:11

Aaron