diff options
author | Alex Klyubin <klyubin@google.com> | 2015-03-26 16:28:30 +0000 |
---|---|---|
committer | Android Git Automerger <android-git-automerger@android.com> | 2015-03-26 16:28:30 +0000 |
commit | cbffba3f477e8f899bcdf0bd1380bc537327a98f (patch) | |
tree | 706abf0da1d5f988e265775dc631fc86fb00e5c2 | |
parent | 59bd046ba52654c4de98c04ab89ec95d2eb97b8d (diff) | |
parent | 56d34066c10aec853a2629b9ad09d48e43e11e42 (diff) | |
download | okhttp-cbffba3f477e8f899bcdf0bd1380bc537327a98f.tar.gz |
am 56d34066: Merge "Honor NetworkSecurityPolicy regarding cleartext traffic."
* commit '56d34066c10aec853a2629b9ad09d48e43e11e42':
Honor NetworkSecurityPolicy regarding cleartext traffic.
-rw-r--r-- | android/main/java/com/squareup/okhttp/HttpHandler.java | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/android/main/java/com/squareup/okhttp/HttpHandler.java b/android/main/java/com/squareup/okhttp/HttpHandler.java index e843faf..f7518ad 100644 --- a/android/main/java/com/squareup/okhttp/HttpHandler.java +++ b/android/main/java/com/squareup/okhttp/HttpHandler.java @@ -17,6 +17,7 @@ package com.squareup.okhttp; +import libcore.net.NetworkSecurityPolicy; import java.io.IOException; import java.net.Proxy; import java.net.ResponseCache; @@ -68,7 +69,15 @@ public class HttpHandler extends URLStreamHandler { // Do not permit http -> https and https -> http redirects. client.setFollowSslRedirects(false); - client.setConnectionSpecs(CLEARTEXT_ONLY); + + if (NetworkSecurityPolicy.isCleartextTrafficPermitted()) { + // Permit cleartext traffic only (this is a handler for HTTP, not for HTTPS). + client.setConnectionSpecs(CLEARTEXT_ONLY); + } else { + // Cleartext HTTP denied by policy. Make okhttp deny cleartext HTTP attempts using the + // only mechanism it currently provides -- pretend there are no suitable routes. + client.setConnectionSpecs(Collections.<ConnectionSpec>emptyList()); + } // When we do not set the Proxy explicitly OkHttp picks up a ProxySelector using // ProxySelector.getDefault(). |