https 正在参加 2021 年度 OSC 中国开源项目评选,请投票支持!
https 在 2021 年度 OSC 中国开源项目评选 中已获得 {{ projectVoteCount }} 票,请投票支持!
2021 年度 OSC 中国开源项目评选 正在火热进行中,快来投票支持你喜欢的开源项目!
2021 年度 OSC 中国开源项目评选 >>> 中场回顾
https 获得 2021 年度 OSC 中国开源项目评选「最佳人气项目」 !
授权协议 View license
开发语言 JavaScript TypeScript
操作系统 iOS
软件类型 开源软件
所属分类 手机/移动开发
开源组织
地区 不详
投 递 者 首席测试
适用人群 未知
收录时间 2021-11-26

软件简介

@nativescript-community/https

NPM version Downloads TotalDownloads Twitter Follow

The definitive way to hit HTTP based APIs in Nativescript.

Easily integrate the most reliable native networking libraries with the latest and greatest HTTPS security features.

Plugin version 2.0.0 bumps AFNetworking on iOS to 4.0.0 which no longer relies on UIWebView. Make sure to run pod repo update to get the latest AFNetworking pod on your development machine.

A drop-in replacement for the default http module.

Features

  • Modern TLS & SSL security features
  • Shared connection pooling reduces request latency
  • Silently recovers from common connection problems
  • Everything runs on a native background thread
  • Transparent GZIP
  • HTTP/2 support
  • Multiform part
  • Cache
  • Basic Cookie support

FAQ

What the flip is SSL pinning and all this security mumbo jumbo?

How to make your apps more secure with SSL pinning.

Do I have to use SSL pinning?

No. This plugin works out of the box without any security configurations needed. Either way you'll still benefit from all the features listed above.

Demo

git clone https://github.com/nativescript-community/https
cd https
npm run demo.ios
npm run demo.android

Installation

Add tns-platform-declarations for Android and iOS to your references.d.ts!

/// <reference path="./node_modules/tns-platform-declarations/android.d.ts" />
/// <reference path="./node_modules/tns-platform-declarations/ios.d.ts" />

We also recommend adding "skipLibCheck": true, to your tsconfig.json. More information on that can be found here.

Install the plugin:

tns plugin add @nativescript-community/https

Examples

Hitting an API using GET method

import * as Https from '@nativescript-community/https';
Https.request({
    url: 'https://httpbin.org/get',
    method: 'GET',
    timeout: 30, // seconds (default 10)
})
    .then(function (response) {
        console.log('Https.request response', response);
    })
    .catch(function (error) {
        console.error('Https.request error', error);
    });

Configuration

Installing your SSL certificate

Create a folder called assets in your projects app folder like so <project>/app/assets. Using chrome, go to the URL where the SSL certificate resides. View the details then drag and drop the certificate image into the assets folder.

Installing your SSL certificate

Enabling SSL pinning

import { knownFolders } from 'file-system';
import * as Https from '@nativescript-community/https';
let dir = knownFolders.currentApp().getFolder('assets');
let certificate = dir.getFile('httpbin.org.cer').path;
Https.enableSSLPinning({ host: 'httpbin.org', certificate });

Once you've enabled SSL pinning you CAN NOT re-enable with a different host or certificate file.

Disabling SSL pinning

import * as Https from '@nativescript-community/https';
Https.disableSSLPinning();

All requests after calling this method will no longer utilize SSL pinning until it is re-enabled once again.

useLegacy

There is a new option called useLegacy. You can set of every request options. When using that option the request will behave more like {N} http module.

  • the content returned by a request is not the resulting string but an object. It follows HTTPContent format for the most part. You can call toJSON or toFile. The only difference is that toFile returns a Promise<File> which means that it is async and run in a background thread!
  • an error return a content too allowing you to read its content.

Cookie

By default basic Cookie support is enabled to work like in {N} http module. In the future more options will be added

Enabling Cache

import { knownFolders, path } from '@nativescript/core/file-system';
import * as Https from '@nativescript-community/https';
Https.setCache({
    diskLocation: path.join(knownFolders.documents().path, 'httpcache'),
    diskSize: 10 * 1024 * 1024, // 10 MiB
});

/// later on when calling your request you can use the cachePolicy option

Multipart form data

If you set the Content-Type header to "multipart/form-data" the request body will be evaluated as a multipart form data. Each body parameter is expected to be in this format:

{
	data: any
    parameterName: string,
    fileName?: string
    contentType?: string
}

if fileName and contentType are set then data is expected to be either a NSData on iOS or a native.Array<number> on Android.

Options

export interface HttpsSSLPinningOptions {
    host: string;
    certificate: string;
    allowInvalidCertificates?: boolean;
    validatesDomainName?: boolean;
    commonName?: string;
}
import { HttpRequestOptions } from 'tns-core-modules/http';
export interface HttpsRequestOptions extends HTTPOptions {
    useLegacy?: boolean;
    cachePolicy?: 'noCache' | 'onlyCache' | 'ignoreCache';
    onProgress?: (current: number, total: number) => void;
}
SSLPinning Option Description
host: string This must be the request domain name eg sales.company.org.
commonName?: string Default: options.host, set if certificate CN is different from the host eg *.company.org (Android specific)
certificate: string The uri path to your .cer certificate file.
allowInvalidCertificates?: boolean Default: false. This should always be false if you are using SSL pinning. Set this to true if you're using a self-signed certificate.
validatesDomainName?: boolean Default: true. Determines if the domain name should be validated with your pinned certificate.
Requests Option Description
useLegacy?: boolean Default: false. [IOS only] set to true in order to get the response data (when status >= 300)in the content directly instead of response.body.content.
`cachePolicy?: 'noCache' 'onlyCache'
onProgress?: (current: number, total: number) => void [IOS only] Set the progress callback.

Webpack / bundling

Since you're probably shipping a certificate with your app (like our demo does), make sure it's bundled by Webpack as well. You can do this by adding the certificate(s) with the CopyWebpackPlugin.

iOS Troubleshooting

Please educate yourself on iOS's App Transport Security before starting beef!

If you try and hit an https route without adding it to App Transport Security's whitelist it will not work! You can bypass this behavior by adding the following to your projects Info.plist:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
</dict>

This plugin does not add NSAllowsArbitraryLoads to your projects Info.plist for you.

Android troubleshooting

If you app crashes with a message that it's doing too much networkin on the main thread, then pass the option allowLargeResponse with value true to the request function.

Thanks

Who Why
Robert Laverty For creating and maintaining this plugin for a long time, before transfering it to me, with the help of Jeff Whelpley of GetHuman.
AFNetworking AFNetworking A delightful networking framework for iOS, OS X, watchOS, and tvOS.
Square okhttp An HTTP+HTTP/2 client for Android and Java applications.
展开阅读全文

代码

评论

点击引领话题📣
暂无内容
发表了博客
{{o.pubDate | formatDate}}

{{formatAllHtml(o.title)}}

{{parseInt(o.replyCount) | bigNumberTransform}}
{{parseInt(o.viewCount) | bigNumberTransform}}
没有更多内容
暂无内容
发表了问答
{{o.pubDate | formatDate}}

{{formatAllHtml(o.title)}}

{{parseInt(o.replyCount) | bigNumberTransform}}
{{parseInt(o.viewCount) | bigNumberTransform}}
没有更多内容
暂无内容
暂无内容
0 评论
0 收藏
分享
OSCHINA
登录后可查看更多优质内容
返回顶部
顶部