flutter_inappwebview
flutter_inappwebview copied to clipboard
pichillilorenzo
[iOS] SSL Error handling when loading site with "bad" certificate
- [x] I have read the Getting Started section
- [x] I have already searched for the same problem
Environment
| Technology | Version |
|---|---|
| Flutter version | 3.3.10 |
| Plugin version | 6.0.0-beta.22 |
| Android version | - |
| iOS version | 16.2, 16.4 |
| macOS version | - |
| Xcode version | 14.2 |
Device information:
- iOS Emulator (16.2)
- iPhone 8 (16.4)
Description
Expected behavior:
Usage of onReceivedServerTrustAuthRequest with ServerTrustAuthResponse(action: ServerTrustAuthResponseAction.PROCEED) should allow for loading the website that otherwise wouldn't be served due to an error.
Current behavior: Above combination works on Android but when testing on iOS device, requested resource is not loaded. Callback fires and is handled on native side but in the end there is a error loading page indicating that SSL error has occured:
(iOS) WebView ID 2 calling "onReceivedError" using {error: {type: -1200, description: An SSL error has occurred and a secure connection to the server cannot be made.}, request: {hasGesture: false, isRedirect: false, headers: null, isForMainFrame: true, method: GET, url: https://xyz.acme/}}
The server I am connecting to is identifying with a certificate that was issued by internal CA, so this is kind of self-signed scenario. I also tried to install CA certs on device itself but it looks like it's not picked up by this this widget (even in Safari I've been getting mixed results, depending on the device...). If I have overlooked something regarding missing settings or something, please let me know.
Steps to reproduce
I cannot post the exact code that I am using but this snippet results in the same error when the "self-signed" option is selected:
InAppWebView(
key: webViewKey,
initialUrlRequest: URLRequest(url: WebUri("https://badssl.com/")),
initialSettings: InAppWebViewSettings(
clearCache: true,
useShouldOverrideUrlLoading: true,
),
shouldOverrideUrlLoading: (controller, navigationAction) async {
return NavigationActionPolicy.ALLOW;
},
onReceivedServerTrustAuthRequest: (_, challenge) async {
return ServerTrustAuthResponse(action: ServerTrustAuthResponseAction.PROCEED);
},
onConsoleMessage: (_, consoleMessage) async {
print(consoleMessage.message);
},
onReceivedError: (_, request, error) async {
print(error.description);
}
)
👋 @UltimateVision
NOTE: This comment is auto-generated.
Are you sure you have already searched for the same problem?
Some people open new issues but they didn't search for something similar or for the same issue. Please, search for it using the GitHub issue search box or on the official inappwebview.dev website, or, also, using Google, StackOverflow, etc. before posting a new one. You may already find an answer to your problem!
If this is really a new issue, then thank you for raising it. I will investigate it and get back to you as soon as possible. Please, make sure you have given me as much context as possible! Also, if you didn't already, post a code example that can replicate this issue.
In the meantime, you can already search for some possible solutions online! Because this plugin uses native WebView, you can search online for the same issue adding android WebView [MY ERROR HERE] or ios WKWebView [MY ERROR HERE] keywords.
Following these steps can save you, me, and other people a lot of time, thanks!
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
@pichillilorenzo
I'm encountering a similar problem with iOS 16 using flutter_inappwebview: ^6.0.0-beta.24+1. The PROCEED action within the onReceivedServerTrustAuthRequest method doesn't appear to function correctly. Assistance on this matter would be greatly appreciated. Notably, the same URL functions as expected in the native WKWebView and Safari browser, suggesting the issue lies within the flutter_inappwebview package.
@pichillilorenzo
I'm encountering a similar problem with iOS 17 using flutter_inappwebview: 6.0.0-beta.25 too. I think that The PROCEED action within the onReceivedServerTrustAuthRequest method doesn't appear to function correctly, too.
In the code below, sslError is printed only once in working case, but it is called twice in not working case.
(1) working (ipad mini4, ios15.8, flutter_inappwebview: 6.0.0-beta.25)
[InAppWebView] (iOS) WebView ID 0 calling "onWebViewCreated" using []
[InAppWebViewController] (iOS) WebView ID 0 calling "onUpdateVisitedHistory" using {isReload: null, url: https://210.183.6.229:58085/tablet/entry}
[InAppWebViewController] (iOS) WebView ID 0 calling "shouldOverrideUrlLoading" using {isForMainFrame: true, targetFrame: {request: {body: null, timeoutInterval: 2147483647.0, allowsCellularAccess: true, mainDocumentURL: null, method: GET, attribution: 0, allowsConstrainedNetworkAccess: true, httpShouldHandleCookies: true, headers: {}, allowsExpensiveNetworkAccess: true, cachePolicy: 0, httpShouldUsePipelining: true, networkServiceType: 0, url: , assumesHTTP3Capable: false}, securityOrigin: {protocol: , host: , port: 0}, isMainFrame: true}, hasGesture: null, navigationType: -1, isRedirect: null, sourceFrame: {isMainFrame: false, request: null, securityOrigin: {host: , port: 0, protocol: }}, shouldPerformDownload: false, request: {httpShouldHandleCookies: true, mainDocumentURL: https://210.183.6.229:58085/tablet/entry, headers: {User-Agent: Mozilla/5.0 (iPad; CPU OS 15_8 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148, Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8}...
[InAppWebViewController] (iOS) WebView ID 0 calling "onReceivedServerTrustAuthRequest" using {protectionSpace: {authenticationMethod: NSURLAuthenticationMethodServerTrust, realm: null, sslError: {message: Indicates a trust policy failure which can be overridden by the user., code: 5}, host: 210.183.6.229, procotol: https, sslCertificate: {issuedBy: null, validNotAfterDate: null, validNotBeforeDate: null, x509Certificate: [48, 130, 6, 57, 48, 130, 5, 33, 160, 3, 2, 1, 2, 2, 16, 42, 58, 38, 4, 191, 239, 185, 248, 195, 197, 0, 223, 147, 177, 26, 229, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 11, 5, 0, 48, 129, 143, 49, 11, 48, 9, 6, 3, 85, 4, 6, 19, 2, 71, 66, 49, 27, 48, 25, 6, 3, 85, 4, 8, 19, 18, 71, 114, 101, 97, 116, 101, 114, 32, 77, 97, 110, 99, 104, 101, 115, 116, 101, 114, 49, 16, 48, 14, 6, 3, 85, 4, 7, 19, 7, 83, 97, 108, 102, 111, 114, 100, 49, 24, 48, 22, 6, 3, 85, 4, 10, 19, 15, 83, 101, 99, 116, 105, 103, 111, 32, 76, 105, 109, 105, 116, 101, 100, 49, 55, 48, 53, 6, 3, 85, 4, 3, 19, 46, 83, 10...
flutter: ------------- onReceivedServerTrustAuthRequest
[InAppWebViewController] (iOS) WebView ID 0 calling "onLoadStart" using {url: https://210.183.6.229:58085/tablet/entry}
[InAppWebViewController] (iOS) WebView ID 0 calling "onProgressChanged" using {progress: 41}
[InAppWebViewController] (iOS) WebView ID 0 calling "onPageCommitVisible" using {url: https://210.183.6.229:58085/tablet/entry}
[InAppWebViewController] (iOS) WebView ID 0 calling "onTitleChanged" using {title: COORDI TABLET}
[InAppWebViewController] (iOS) WebView ID 0 calling "onProgressChanged" using {progress: 41}
flutter: ------------- onReceivedServerTrustAuthRequest
[InAppWebViewController] (iOS) WebView ID 0 calling "onReceivedServerTrustAuthRequest" using {protectionSpace: {host: t1.daumcdn.net, realm: null, sslCertificate: {issuedBy: null, issuedTo: null, validNotBeforeDate: null, validNotAfterDate: null, x509Certificate: [48, 130, 4, 207, 48, 130, 4, 117, 160, 3, 2, 1, 2, 2, 16, 8, 8, 198, 50, 173, 15, 168, 207, 101, 74, 87, 170, 57, 101, 119, 153, 48, 10, 6, 8, 42, 134, 72, 206, 61, 4, 3, 2, 48, 92, 49, 11, 48, 9, 6, 3, 85, 4, 6, 19, 2, 85, 83, 49, 21, 48, 19, 6, 3, 85, 4, 10, 19, 12, 68, 105, 103, 105, 67, 101, 114, 116, 32, 73, 110, 99, 49, 25, 48, 23, 6, 3, 85, 4, 11, 19, 16, 119, 119, 119, 46, 100, 105, 103, 105, 99, 101, 114, 116, 46, 99, 111, 109, 49, 27, 48, 25, 6, 3, 85, 4, 3, 19, 18, 84, 104, 97, 119, 116, 101, 32, 69, 67, 67, 32, 67, 65, 32, 50, 48, 49, 56, 48, 30, 23, 13, 50, 51, 48, 49, 49, 54, 48, 48, 48, 48, 48, 48, 90, 23, 13, 50, 52, 48, 49, 51, 48, 50, 51, 53, 57, 53, 57, 90, 48, 95, 49, 11, 48, 9, 6, 3, 85, 4, 6, 19, 2, 75, 82, 49, 16, 48, 14, 6, 3,...
[InAppWebViewController] (iOS) WebView ID 0 calling "onProgressChanged" using {progress: 44}
[InAppWebViewController] (iOS) WebView ID 0 calling "onProgressChanged" using {progress: 88}
flutter: ConsoleMessage{message: TABLET entry mozilla/5.0 (ipad; cpu os 15_8 like mac os x) applewebkit/605.1.15 (khtml, like gecko) mobile/15e148 python, messageLevel: LOG}
[InAppWebViewController] (iOS) WebView ID 0 calling "onConsoleMessage" using {message: TABLET entry mozilla/5.0 (ipad; cpu os 15_8 like mac os x) applewebkit/605.1.15 (khtml, like gecko) mobile/15e148 python, messageLevel: 1}
[InAppWebViewController] (iOS) WebView ID 0 calling "onProgressChanged" using {progress: 89}
[InAppWebViewController] (iOS) WebView ID 0 calling "onProgressChanged" using {progress: 100}
[InAppWebViewController] (iOS) WebView ID 0 calling "onLoadStop" using {url: https://210.183.6.229:58085/tablet/entry}
[InAppWebViewController] (iOS) WebView ID 0 calling "onContentSizeChanged" using {oldContentSize: {width: 0.0, height: 0.0}, newContentSize: {width: 768.0, height: 836.0}}
(2) not working (ipad air 4, ios 17.1, flutter_inappwebview: 6.0.0-beta.25)
[InAppWebView] (iOS) WebView ID 0 calling "onWebViewCreated" using []
[InAppWebViewController] (iOS) WebView ID 0 calling "onUpdateVisitedHistory" using {url: https://210.183.6.229:58085/tablet/entry, isReload: null}
flutter: ------------- onReceivedServerTrustAuthRequest
[InAppWebViewController] (iOS) WebView ID 0 calling "shouldOverrideUrlLoading" using {isForMainFrame: true, isRedirect: null, shouldPerformDownload: false, hasGesture: null, targetFrame: {request: {timeoutInterval: 2147483647.0, allowsCellularAccess: true, headers: {}, body: null, httpShouldHandleCookies: true, mainDocumentURL: null, assumesHTTP3Capable: false, url: , networkServiceType: 0, cachePolicy: 0, httpShouldUsePipelining: true, attribution: 0, method: GET, allowsConstrainedNetworkAccess: true, allowsExpensiveNetworkAccess: true}, securityOrigin: {port: 0, host: , protocol: }, isMainFrame: true}, navigationType: -1, request: {timeoutInterval: 60.0, body: null, cachePolicy: 0, httpShouldUsePipelining: false, assumesHTTP3Capable: false, allowsCellularAccess: true, httpShouldHandleCookies: true, networkServiceType: 0, headers: {Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8, User-Agent: Mozilla/5.0 (iPad; CPU OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/1...
[InAppWebViewController] (iOS) WebView ID 0 calling "onReceivedServerTrustAuthRequest" using {protectionSpace: {distinguishedNames: null, port: 58085, sslError: {code: 5, message: Indicates a trust policy failure which can be overridden by the user.}, receivesCredentialSecurely: true, procotol: https, realm: null, host: 210.183.6.229, sslCertificate: {validNotAfterDate: null, validNotBeforeDate: null, x509Certificate: [48, 130, 6, 57, 48, 130, 5, 33, 160, 3, 2, 1, 2, 2, 16, 42, 58, 38, 4, 191, 239, 185, 248, 195, 197, 0, 223, 147, 177, 26, 229, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 11, 5, 0, 48, 129, 143, 49, 11, 48, 9, 6, 3, 85, 4, 6, 19, 2, 71, 66, 49, 27, 48, 25, 6, 3, 85, 4, 8, 19, 18, 71, 114, 101, 97, 116, 101, 114, 32, 77, 97, 110, 99, 104, 101, 115, 116, 101, 114, 49, 16, 48, 14, 6, 3, 85, 4, 7, 19, 7, 83, 97, 108, 102, 111, 114, 100, 49, 24, 48, 22, 6, 3, 85, 4, 10, 19, 15, 83, 101, 99, 116, 105, 103, 111, 32, 76, 105, 109, 105, 116, 101, 100, 49, 55, 48, 53, 6, 3, 85, 4, 3, 19, 46, 83, 101, ...
[InAppWebViewController] (iOS) WebView ID 0 calling "onLoadStart" using {url: https://210.183.6.229:58085/tablet/entry}
flutter: ------------- onReceivedServerTrustAuthRequest
[InAppWebViewController] (iOS) WebView ID 0 calling "onReceivedServerTrustAuthRequest" using {protectionSpace: {procotol: https, sslError: {code: 5, message: Indicates a trust policy failure which can be overridden by the user.}, host: 210.183.6.229, realm: null, authenticationMethod: NSURLAuthenticationMethodServerTrust, receivesCredentialSecurely: true, proxyType: null, sslCertificate: {x509Certificate: [48, 130, 6, 57, 48, 130, 5, 33, 160, 3, 2, 1, 2, 2, 16, 42, 58, 38, 4, 191, 239, 185, 248, 195, 197, 0, 223, 147, 177, 26, 229, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 11, 5, 0, 48, 129, 143, 49, 11, 48, 9, 6, 3, 85, 4, 6, 19, 2, 71, 66, 49, 27, 48, 25, 6, 3, 85, 4, 8, 19, 18, 71, 114, 101, 97, 116, 101, 114, 32, 77, 97, 110, 99, 104, 101, 115, 116, 101, 114, 49, 16, 48, 14, 6, 3, 85, 4, 7, 19, 7, 83, 97, 108, 102, 111, 114, 100, 49, 24, 48, 22, 6, 3, 85, 4, 10, 19, 15, 83, 101, 99, 116, 105, 103, 111, 32, 76, 105, 109, 105, 116, 101, 100, 49, 55, 48, 53, 6, 3, 85, 4, 3, 19, 46, 83, 101, 99, 116, 105,...
[InAppWebViewController] (iOS) WebView ID 0 calling "onReceivedError" using {request: {headers: null, url: https://210.183.6.229:58085/tablet/entry, isForMainFrame: true, method: GET, isRedirect: false, hasGesture: false}, error: {type: -1200, description: An SSL error has occurred and a secure connection to the server cannot be made.}}
[InAppWebViewController] (iOS) WebView ID 0 calling "onProgressChanged" using {progress: 100}
[InAppWebViewController] (iOS) WebView ID 0 calling "onZoomScaleChanged" using {newScale: 1.204081654548645, oldScale: 1.0}
[InAppWebViewController] (iOS) WebView ID 0 calling "onContentSizeChanged" using {newContentSize: {height: 608.0, width: 1180.0}, oldContentSize: {width: 0.0, height: 0.0}}
[InAppWebViewController] (iOS) WebView ID 0 calling "onContentSizeChanged" using {newContentSize: {height: 608.0, width: 1180.0}, oldContentSize: {width: 980.0, height: 505.0}}
I got same an error.
iOS using flutter_inappwebview: 6.0.0-beta.28 An SSL error has occurred and a secure connection to the server cannot be made
