Android WebView blocks redirect from https to http

最近遇到一个问题,在webview里面加载https url的时候,如果里面需要加载http的资源或者重定向的时候,webview会block页面加载。这应该是android 4.4以来google对安全机制的提升。

所以webview也为开发者增加了新的api。具体错误如下:

[INFO:CONSOLE(0)] “Mixed Content: The page at ‘https://m.wanzhoumo.com/?zmsource=lifecalendar’ was loaded over HTTPS, but requested an insecure image ‘http://cdn.wanzhoumo.com/data/public/operating/2016/03/25_73/14588983970673381.jpg!720x500‘. This request has been blocked; the content must be served over HTTPS.”, source: https://m.wanzhoumo.com/?zmsource=lifecalendar (0)

public static final int MIXED_CONTENT_ALWAYS_ALLOW

Added in API level 21
Used with setMixedContentMode(int) In this mode, the WebView will allow a secure origin to load content from any other origin, even if that origin is insecure. This is the least secure mode of operation for the WebView, and where possible apps should not set this mode.

Constant Value: 0 (0x00000000)
WebSettings settings = webview.getSettings();
        settings.setJavaScriptEnabled(true);
        settings.setDomStorageEnabled(true);
        settings.setAllowFileAccess(true);
        settings.setAppCacheEnabled(true);
        if(Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT){
            settings.setMixedContentMode(WebSettings.MIXED_CONTENT_ALWAYS_ALLOW);
        }

如果觉得本人帮助到您,就请客官打赏一下小弟一瓶饮料喽。

你可能感兴趣的:(Android)