在Android中获取HTTPS GET请求的内容

时间:2012-02-20 13:13:39

标签: android ssl https get request

我有以下代码,它接受普通的HTTP GET请求并将输出html作为字符串返回。

public static String getURLContent(String URL){
        String Result = "";
        String IP = "http://localhost/";
        try {
            // Create a URL for the desired page
            URL url = new URL(IP.concat(URL));

            // Read all the text returned by the server
            BufferedReader in = new BufferedReader(new InputStreamReader(url.openStream()));
            String str;
            while ((str = in.readLine()) != null) {
                // str is one line of text; readLine() strips the newline character(s)
                Result = Result+str+"~";
            }
            in.close();
        } catch (MalformedURLException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        }
        return Result;
    }

我想为无符号的ssl证书实现同样的东西,但我在Java或Android编程方面有点新手,并且发现以前对类似问题的一些回答非常混乱。

有人可以更改上面的代码来处理HTTPS请求吗?

另一个问题是,如果我通过GET请求发送未加密的数据并将数据库条目打印到该函数返回其内容的网页上,是否存在中间人攻击的风险?使用POST请求会更好吗?

我选择使用SSL的原因是因为有人告诉我发送的数据是加密的。数据是敏感的,如果我发送类似localhost / login.php的东西?user = jim& password = sd7vbsksd8将返回" user = jim permission = admin age = 23"这是我不希望他人看到他们是否只是使用浏览器并发送相同请求的数据。

1 个答案:

答案 0 :(得分:1)

试试这个:

import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URI;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
public class TestHttpGet {
    public void executeHttpGet() throws Exception {
        BufferedReader in = null;
        try {
            HttpClient client = new DefaultHttpClient();
            HttpGet request = new HttpGet();
            request.setURI(new URI("http://w3mentor.com/"));
            HttpResponse response = client.execute(request);
            in = new BufferedReader
            (new InputStreamReader(response.getEntity().getContent()));
            StringBuffer sb = new StringBuffer("");
            String line = "";
            String NL = System.getProperty("line.separator");
            while ((line = in.readLine()) != null) {
                sb.append(line + NL);
            }
            in.close();
            String page = sb.toString();
            System.out.println(page);
            } finally {
            if (in != null) {
                try {
                    in.close();
                    } catch (IOException e) {
                    e.printStackTrace();
                }
            }
        }
    }
}

我们可以将参数添加到HTTP Get请求

HttpGet method = new HttpGet("http://w3mentor.com/download.aspx?key=valueGoesHere");
client.execute(method);

Android应该自动使用ssl。也许您在localhost上使用的ssl证书不受信任?检查一下:Trusting all certificates using HttpClient over HTTPS

检查您是否可以使用浏览器浏览https://yourhost/login.php?user=jim&password=sd7vbsksd8

相关问题
最新问题