我在Android项目中使用WebViewClient.onReceivedSslError处理程序的实现修复了漏洞,但我想知道如何测试它。
以前我的代码是:
@Override
public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
Log.d("message","message");
handler.proceed(); // Ignore SSL certificate errors
}
并在我修复之后:
@Override
public void onReceivedSslError(WebView view, final SslErrorHandler handler, SslError error) {
Log.d("a message","a message");
final AlertDialog.Builder builder = new AlertDialog.Builder(view.getContext());
builder.setTitle("Error");
builder.setMessage("Certificate is invalid");
builder.setPositiveButton("continue", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
handler.proceed();
}
});
builder.setNegativeButton("cancel", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
handler.cancel();
}
});
final AlertDialog dialog = builder.create();
dialog.show();
}
例如,我可以修改android模拟器中的主机,以指向可以抛出ssl异常的页面吗?
您可以通过以下步骤生成错误: