Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unsafe implementation of Trustmanager #1243

Closed
dpreussler opened this issue Feb 24, 2017 · 1 comment
Closed

Unsafe implementation of Trustmanager #1243

dpreussler opened this issue Feb 24, 2017 · 1 comment

Comments

@dpreussler
Copy link

dpreussler commented Feb 24, 2017
edited

reopened version of
#1107

This is not a false alarm, this library contains an unsafe Trustmanager
https://github.com/loopj/android-async-http/blob/f53deef7ad5b02b42b59dab92f66dec4fde8e1f6/library/src/main/java/com/loopj/android/http/MySSLSocketFactory.java

The issue this file is addressing was fixed in ICS
https://code.google.com/p/android/issues/detail?id=13117#c14

So it should be removed else apps using android-async-http will continue to receive letter of removal warnings from playstore.
dpreussler pushed a commit to dpreussler/android-async-http that referenced this issue Feb 24, 2017
android-async-http#1243 removed pre ICS code of trust manager
4d6f6f2
@smarek
Copy link
Member

smarek commented May 22, 2019

Thanks for your report, this is solved in 1.5.0

@smarek smarek closed this as completed May 22, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@smarek @dpreussler