Giters

silkimen / cordova-plugin-advanced-http

Cordova / Phonegap plugin for communicating with HTTP servers. Allows for SSL pinning!

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

[Bug] setServerTrustMode ignored with uploadFile

Hamata6 opened this issue · comments

commented

Describe the bug
The setServerTrustMode() method doesn't do anything when calling uploadFile() in the latest 3.2.1 version. For example, setServerTrustMode("nocheck") still gives me this error:
The certificate for this server is invalid. You might be connecting to a server that is pretending to be “(my domain with self signed certificate)” which could put your confidential information at risk.

I downgraded to v3.2.0 and then the issue wasn't there. So it must happened in 3.2.1.

Stackstrace 
2021-09-27 10:44:15.136348+0200 App[52435:1750740] Connection 7: default TLS Trust evaluation failed(-9807)
2021-09-27 10:44:15.136465+0200 App[52435:1750740] Connection 7: TLS Trust encountered error 3:-9807
2021-09-27 10:44:15.136519+0200 App[52435:1750740] Connection 7: encountered error(3:-9807)
2021-09-27 10:44:15.137236+0200 App[52435:1750740] Task <D72074CC-9083-435A-A8FE-C2B39A1E0404>.<1> HTTP load failed, 0/0 bytes (error code: -1202 [3:-9807])
2021-09-27 10:44:15.137617+0200 App[52435:1750748] Task <D72074CC-9083-435A-A8FE-C2B39A1E0404>.<1> finished with error [-1202] Error Domain=NSURLErrorDomain Code=-1202 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be “(domain)” which could put your confidential information at risk." UserInfo={NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, NSErrorPeerCertificateChainKey=(
    "<cert(0x7fd86682d000) s: (domain) i: (domain)>"
), NSErrorClientCertificateStateKey=0, NSErrorFailingURLKey=https://(domain), NSErrorFailingURLStringKey=https://(domain), NSUnderlyingError=0x60000393bc00 {Error Domain=kCFErrorDomainCFNetwork Code=-1202 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x6000006c4aa0>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9807, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9807, kCFStreamPropertySSLPeerCertificates=(
    "<cert(0x7fd86682d000) s: (domain) i: (domain)>"
)}}, _NSURLErrorRelatedURLSessionTaskErrorKey=(
    "LocalUploadTask <D72074CC-9083-435A-A8FE-C2B39A1E0404>.<1>"
), _kCFStreamErrorCodeKey=-9807, _NSURLErrorFailingURLSessionTaskErrorKey=LocalUploadTask <D72074CC-9083-435A-A8FE-C2B39A1E0404>.<1>, NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x6000006c4aa0>, NSLocalizedDescription=The certificate for this server is invalid. You might be connecting to a server that is pretending to be “(domain)” which could put your confidential information at risk.}

System info

  • affected HTTP plugin version: 3.2.1
  • affected platform(s) and version(s): iOS 15.0 (simulator)
  • affected device(s): iPhone 12 (simulator)
  • cordova version: Ionic Capacitor 2.5.0
  • cordova platform version(s): Ionic 5, Angular 11.2, Capacitor 2.5.0

Are you using ionic-native-wrapper?
Yes

Minimum viable code to reproduce

import { HTTP } from "@ionic-native/http";
...
HTTP.setServerTrustMode("nocheck");
HTTP.uploadFile(url, body, headers, filePath, filename)