In my android application I need to display 3rd-party registration form inside WebView
. Unfortunately, I need to also support android versions < 4.3, where you get SSL handshake error when you connect to the website. I was, however, able to create direct requests on android 4.1+ with a custom SSL context which has TLS 1.1 explicitly enabled, but I can't pass this SSL context into my WebView
. I tried to make custom WebViewClient
private WebViewClient webViewClient = new WebViewClient() {
@Override
public void onPageFinished(WebView webView, String url) {
if (presenter != null) {
presenter.onLoadFinished();
}
}
@Override
public void onReceivedError(WebView webView,
WebResourceRequest request,
WebResourceError error) {
if (presenter != null) {
presenter.onLoadError();
}
}
@Override
public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error){
handler.proceed();
}
@Override
public boolean shouldOverrideUrlLoading(WebView webView, String url) {
Request request = new Request.Builder().url(url).build();
final Handler handler = new Handler(mContext.getMainLooper());
//mOkHttpClient is an OkHttpClient with my custom SSLContext which has TLS 1.1 and TLS 1.2 enabled
mOkHttpClient.newCall(request).enqueue(new Callback() {
@Override
public void onFailure(Call call, IOException e) {
}
@Override
public void onResponse(Call call, final okhttp3.Response response) throws IOException {
handler.post(new Runnable() {
@Override
public void run() {
try {
webView.loadDataWithBaseURL(
null, response.body().string(), "text/html", "utf-8", null);
} catch (IOException e) {
e.printStackTrace();
}
}
});
}
});
}
};
But that didn't work since shouldOverrideUrlLoading
is not called on POST requests.
Is there a way to make this work(probably some alternative to WebView
)? Any help is appreciated.
TLS 1.2 is supported on devices running Android 4.1. x or greater (API level 16).
In Android 10 and higher, TLS 1.3 is enabled by default for all TLS connections.
As part of ongoing efforts to modernize platforms, and to improve security and reliability, TLS 1.0 and 1.1 have been deprecated by the Internet Engineering Task Force (IETF) as of March 25, 2021.
I'm not sure if you can make it work with the current WebView but I would recommend you to have a look at: https://crosswalk-project.org/documentation/android.html to replace the WebView.
This is built upon latest version of Chrome and you won't have problems with that version of Android the user is running on.
I'm sure there are other alternatives too, but this is the one I'm using for work and I know work.
Best of luck to you.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With