get(url, options) api能否忽略https请求证书验证？

[wengzhenquan]

url是https请求，但每次遇到证书过期，就无法获得数据，该怎么办？

[SuperMonster003]

截至 6.6.4 版本, AutoJs6 尚不支持通过 http 模块的选项参数实现 HTTPS 证书异常的忽略控制.

下面提供一个解决思路及示例代码 (Kotlin):

1. 自定义一个 "信任全部证书" 的 X509TrustManager
2. 使用 SSLContext 生成 SSL Socket Factory 并提供给 OkHttpClient.Builder
3. 使 HostnameVerifier 返回 true

private fun newClient(builder: Builder): OkHttpClient {
    mInterceptors.forEach { if (it !in builder.interceptors()) builder.addInterceptor(it) }
    return builder
        .readTimeout(timeout, TimeUnit.MILLISECONDS)
        .writeTimeout(timeout, TimeUnit.MILLISECONDS)
        .connectTimeout(timeout, TimeUnit.MILLISECONDS)
        .also { b ->
            if (!isInsecure) return@also
            @SuppressLint("CustomX509TrustManager")
            val trustAllCerts = arrayOf<TrustManager>(object : X509TrustManager {
                override fun checkClientTrusted(chain: Array<X509Certificate>, authType: String) = Unit
                override fun checkServerTrusted(chain: Array<X509Certificate>, authType: String) = Unit
                override fun getAcceptedIssuers(): Array<X509Certificate> = arrayOf()
            })
            val sslContext = SSLContext.getInstance("TLS").apply {
                init(null, trustAllCerts, SecureRandom())
            }
            val trustManager = trustAllCerts.first() as X509TrustManager
            b.sslSocketFactory(sslContext.socketFactory, trustManager)
            b.hostnameVerifier { _, _ -> true }
        }
        .build()
}

上述示例代码的 newClient 方法, 位于 AutoJs6 项目源码的 app/src/main/java/org/autojs/autojs/core/http/MutableOkHttp.kt 文件中.

你也可以尝试在脚本代码中按照上述 kotlin 代码的核心思路实现证书异常忽略的目标, 不过你可能需要自己重新封装或模仿一份 http 模块的代码, 具体可参考 app/src/main/java/org/autojs/autojs/runtime/api/augment/http/Http.kt 文件.