feat: re-enable TLS checks for Android and dev proxy (#10386)

lucasfernog · web-flow · commit 289ae5555da3 · 2024-07-29T10:43:59.000-03:00
* feat: re-enable TLS checks for Android and dev proxy

* update time
diff --git a/.changes/remove-unsecure-configs.md b/.changes/remove-unsecure-configs.md
@@ -0,0 +1,8 @@
+---
+"tauri-cli": patch:sec
+"@tauri-apps/cli": patch:sec
+"tauri": patch:sec
+---
+
+Re-enable TLS checks that were previously disabled to support an insecure HTTPS custom protocol on Android which is no longer used.
+
diff --git a/core/tauri/src/protocol/tauri.rs b/core/tauri/src/protocol/tauri.rs
@@ -103,13 +103,8 @@ fn get_response<R: Runtime>(
       .decode_utf8_lossy()
       .to_string();
     let url = format!("{url}{decoded_path}");
-    #[allow(unused_mut)]
-    let mut client_builder = reqwest::ClientBuilder::new();
-    #[cfg(any(feature = "native-tls", feature = "rustls-tls"))]
-    {
-      client_builder = client_builder.danger_accept_invalid_certs(true);
-    }
-    let mut proxy_builder = client_builder
+
+    let mut proxy_builder = reqwest::ClientBuilder::new()
       .build()
       .unwrap()
       .request(request.method().clone(), &url);
diff --git a/examples/api/src-tauri/Cargo.lock b/examples/api/src-tauri/Cargo.lock
diff --git a/examples/api/vite.config.js b/examples/api/vite.config.js
@@ -33,8 +33,8 @@ export default defineConfig({
     hmr: mobile
       ? {
           protocol: 'ws',
-          host: internalIpV4Sync(),
-          port: 1421
+          host: mobile ? internalIpV4Sync() : 'localhost',
+          port: 1430
         }
       : undefined,
     fs: {
diff --git a/tooling/cli/src/mobile/android/build.rs b/tooling/cli/src/mobile/android/build.rs
@@ -26,7 +26,7 @@ use cargo_mobile2::{
   target::TargetTrait,
 };
 
-use std::env::{set_current_dir, set_var};
+use std::env::set_current_dir;
 
 #[derive(Debug, Clone, Parser)]
 #[clap(
@@ -122,9 +122,6 @@ pub fn command(options: Options, noise_level: NoiseLevel) -> Result<()> {
     (interface, app, config, metadata)
   };
 
-  set_var("WRY_RUSTWEBVIEWCLIENT_CLASS_EXTENSION", "");
-  set_var("WRY_RUSTWEBVIEW_CLASS_INIT", "");
-
   let profile = if options.debug {
     Profile::Debug
   } else {
diff --git a/tooling/cli/src/mobile/android/dev.rs b/tooling/cli/src/mobile/android/dev.rs
@@ -32,16 +32,7 @@ use cargo_mobile2::{
   target::TargetTrait,
 };
 
-use std::env::{set_current_dir, set_var};
-
-const WEBVIEW_CLIENT_CLASS_EXTENSION: &str = "
-    @android.annotation.SuppressLint(\"WebViewClientOnReceivedSslError\")
-    override fun onReceivedSslError(view: WebView?, handler: SslErrorHandler, error: android.net.http.SslError) {
-        handler.proceed()
-    }
-";
-const WEBVIEW_CLASS_INIT: &str =
-  "this.settings.mixedContentMode = android.webkit.WebSettings.MIXED_CONTENT_ALWAYS_ALLOW";
+use std::env::set_current_dir;
 
 #[derive(Debug, Clone, Parser)]
 #[clap(
@@ -154,12 +145,6 @@ fn run_command(options: Options, noise_level: NoiseLevel) -> Result<()> {
     (interface, app, config, metadata)
   };
 
-  set_var(
-    "WRY_RUSTWEBVIEWCLIENT_CLASS_EXTENSION",
-    WEBVIEW_CLIENT_CLASS_EXTENSION,
-  );
-  set_var("WRY_RUSTWEBVIEW_CLASS_INIT", WEBVIEW_CLASS_INIT);
-
   let tauri_path = tauri_dir();
   set_current_dir(tauri_path).with_context(|| "failed to change current working directory")?;
 
