平台
CPU: RK3288
OS: android 5.11
问题
浏览器访问HTTPS网站时, 弹出 “该网站的安全证书有问题。”对话框, 需点击返回/查看证书/继续, 有时会弹出多个.
原因
初步复现的方法: 关闭 自动确定日期和时间, 并把时间设置到 2011, 打开浏览器并访问如: https://www.baidu.com
弹窗位置:
|–packages/apps/Browser/src/com/android/browser/Tab.java
/** --由这个回调发起 * Displays SSL error(s) dialog to the user. */ @Override public void onReceivedSslError(final WebView view, final SslErrorHandler handler, final SslError error) { if (!mInForeground) { handler.cancel(); setSecurityState(SecurityState.SECURITY_STATE_NOT_SECURE); return; } if (mSettings.showSecurityWarnings()) {//设置项判断是否要显示 new AlertDialog.Builder(mContext) .setTitle(R.string.security_warning) .setMessage(R.string.ssl_warnings_header) .setIconAttribute(android.R.attr.alertDialogIcon) .setPositiveButton(R.string.ssl_continue, new DialogInterface.OnClickListener() { @Override public void onClick(DialogInterface dialog, int whichButton) { handler.proceed(); handleProceededAfterSslError(error); } }) .setNeutralButton(R.string.view_certificate, new DialogInterface.OnClickListener() { @Override public void onClick(DialogInterface dialog, int whichButton) { mWebViewController.showSslCertificateOnError( view, handler, error); } }) .setNegativeButton(R.string.ssl_go_back, new DialogInterface.OnClickListener() { @Override public void onClick(DialogInterface dialog, int whichButton) { dialog.cancel(); } }) .setOnCancelListener( new DialogInterface.OnCancelListener() { @Override public void onCancel(DialogInterface dialog) { handler.cancel(); setSecurityState(SecurityState.SECURITY_STATE_NOT_SECURE); mWebViewController.onUserCanceledSsl(Tab.this); } }) .show(); } else { handler.proceed(); } }
PS: 根本原因暂未查明.
解决方案
diff --git a/packages/apps/Browser/res/xml/privacy_security_preferences.xml b/packages/apps/Browser/res/xml/privacy_security_preferences.xml old mode 100644 new mode 100755 index 2633600..68628b6 --- a/packages/apps/Browser/res/xml/privacy_security_preferences.xml +++ b/packages/apps/Browser/res/xml/privacy_security_preferences.xml @@ -33,7 +33,7 @@ <CheckBoxPreference android:key="show_security_warnings" - android:defaultValue="true" + android:defaultValue="false" android:title="@string/pref_security_show_security_warning" android:summary="@string/pref_security_show_security_warning_summary" /> diff --git a/packages/apps/Browser/src/com/android/browser/BrowserSettings.java b/packages/apps/Browser/src/com/android/browser/BrowserSettings.java old mode 100644 new mode 100755 index c28ea4e..73ad98a --- a/packages/apps/Browser/src/com/android/browser/BrowserSettings.java +++ b/packages/apps/Browser/src/com/android/browser/BrowserSettings.java @@ -798,7 +798,7 @@ public class BrowserSettings implements OnSharedPreferenceChangeListener, // ----------------------------- public boolean showSecurityWarnings() { - return mPrefs.getBoolean(PREF_SHOW_SECURITY_WARNINGS, true); + return mPrefs.getBoolean(PREF_SHOW_SECURITY_WARNINGS, false);//do NOT show warning dialog. } public boolean acceptCookies() {
