B4J Question [SOLVED] possible webview cache issue?

aminoacid

Active Member
Licensed User
Longtime User
This is something that has stumped me.

I cannot figure out why the following URL:


works in Chrome and Edge but will not load in webview. This is just a simple apache test page. Nothing complex at all.

I wrote a simple B4J App to test it out. Just one webview control and nothing else. See below - this is the whole program:

B4X: 
#Region Project Attributes
    #MainFormWidth: 600
    #MainFormHeight: 600
#End Region

Sub Process_Globals
    Private fx As JFX
    Private MainForm As Form
    Private xui As XUI
    Private WebView1 As WebView
End Sub

Sub AppStart (Form1 As Form, Args() As String)
    MainForm = Form1
    MainForm.RootPane.LoadLayout("Layout1")
    MainForm.Show
    WebView1.LoadUrl("https://strikenet-tx.com/apache.html")
    'WebView1.LoadUrl("https://www.google.com")
End Sub


I tried various web sites like google, etc. It works fine. But I just get a blank screen with the URL "https://strikenet-tx.com/apache.html". And like I said. This URL/page loads fine in all other browsers.

Any suggestions would be appreciated. I have spent a whole day trying to figure this out and I give up!

Thanks!
 
Solution
Ok.... I got it to work. Thank you @sedd and @Sandman
Once I added the certificate to the local JRE cacerts file, I could view the page.
The procedure to do this is outlined in the link below.

Support

knowledge.informatica.com

[edit] This resolves the problem but it got me thinking about what if you need to distribute the application? You can't expect the end-user to have to add the certificate manually. The certificate is a purchased, perfectly valid certificate (issued by DigiCert) and works in other browsers so it seems strange that this behavior is specific to browsers like curl and webview.
Sort by date Sort by votes

Sandman

Expert
Licensed User
Longtime User
It's related to the cert the site uses. A quick test with the lovely tool curl gives this response:
Bash: 
sandman@woopwoop:~ curl https://strikenet-tx.com/apache.html
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
sandman@woopwoop:~

I'm no expert with certs etc, but this is how I picture the situation: Each browser has their own list of acceptable certs. It's in the interests of the big browsers to keep their lists updated so everything works for the users. But then we have stuff like curl and Java, which have their own lists. For whatever reason they don't seem to be updated as quickly as the browsers.

And the site in question have a very new certificate, probably generated in February this year.

Searching for the first line in the curl output I found this SO thread:

curl: (60) SSL certificate problem: unable to get local issuer certificate

root@sclrdev:/home/sclr/certs/FreshCerts# curl --ftp-ssl --verbose ftp://{abc}/ -u trup:trup --cacert /etc/ssl/certs/ca-certificates.crt * About to connect() to {abc} port 21 (#0) * Trying {abc}....
stackoverflow.com

Looking at the top answer, the solution is to update the list of certs in curl. And as far as I can tell that's what @sedd explained in #4 also.

I think this is fairly correct, but I don't know what the best solution is though.
 
Upvote 0

aminoacid

Active Member
Licensed User
Longtime User
The last time I worked on the code it was working fine so that's why I thought it was a caching issue and decided to see if just a simple web page would load from the server. The server, BTW is a B4J websockets server (jserver 3.0). Also, everything works fine with B4A and B4I webview. Just B4J that chokes.
 
Upvote 0

aminoacid

Active Member
Licensed User
Longtime User
Ok.... I got it to work. Thank you @sedd and @Sandman
Once I added the certificate to the local JRE cacerts file, I could view the page.
The procedure to do this is outlined in the link below.

Support

knowledge.informatica.com

[edit] This resolves the problem but it got me thinking about what if you need to distribute the application? You can't expect the end-user to have to add the certificate manually. The certificate is a purchased, perfectly valid certificate (issued by DigiCert) and works in other browsers so it seems strange that this behavior is specific to browsers like curl and webview.
 
Last edited:
Upvote 0
Solution

aminoacid

Active Member
Licensed User
Longtime User
aeric said:
How do you output the html page with JServer?
Click to expand...

I'm running a B4J websockets appliction that uses jServer. The home sub-directory is "www" with index.html as the default page. I just placed the apache test page in this folder.
 
Upvote 0

aeric

Expert
Licensed User
Longtime User
Another solution is to use HU2_ACCEPTALL in Conditional Symbols and use OkHttpUtils2 to download the page then display using WebView1.LoadHtml(job.GetString)
But I am not sure it is already fixed at your side.
 

Attachments

  • WebViewTest.zip
    2.3 KB · Views: 149
Upvote 0

aminoacid

Active Member
Licensed User
Longtime User
aeric said:
Another solution is to use HU2_ACCEPTALL in Conditional Symbols and use OkHttpUtils2 to download the page then display using WebView1.LoadHtml(job.GetString)
But I am not sure it is already fixed at your side.
Click to expand...

Thanks! Good information to keep in mind for future reference. However in my case I have to use webview since my application does more than just display a page. I used the apache page for testing only.
 
Upvote 0

Sandman

Expert
Licensed User
Longtime User
Yeah, that's why I couldn't find a solution to recommend. I should have been more clear about it, sorry.

On second thought, the only thing I can think of is to get a different certificate that is (more) guaranteed to work, assuming that the primary use of the website is via a webview in your app. Sucks, but works.

I assume it's possible to configure webview to not care of the validity of the cert (it is for curl), which would solve the direct issue and display the site in the webview. But it would also open up a giant security hole, the cert is there for a reason - don't do this.
 
Upvote 0

aminoacid

Active Member
Licensed User
Longtime User

Yes... that's exactly what I was looking for..... Some way to configure webview to ignore the validity of the certificate. In my application, security is not an issue. However I could not find any way to do this.
 
Upvote 0

teddybear

Well-Known Member
Licensed User
I wrapped a library for trusting all websites, it is like HU2_ACCEPTALL , you don't have to add the certificate manually.
B4X: 
    Dim AT As AllTrust
    AT.Initialize
    WebView1.LoadUrl("https://strikenet-tx.com/apache.html")
 

Attachments

  • alltrust.zip
    2 KB · Views: 186
  • AllTrust.xml
    990 bytes · Views: 156
  • AllTrust.jar
    2.7 KB · Views: 142
Upvote 0

aeric

Expert
Licensed User
Longtime User
My understanding is, you install your certificate on the server.
I have a small VPS hosting from hostinger. My port 80 is used by Apache server and can run PHP.
I created Let's Encrypt SSL and the certificate is shared with all the ports, including (and intended for) all my B4J Jetty Server apps running on other port numbers.
Nothing is needed to be done for the client apps.

[Server] Using Let's Encrypt on Ubuntu VPS

#1 How to: Install Let's Encrypt on Ubuntu Linux VPS to Create SSL Certificates Downloading and Installing Let's Encrypt 1. Update the server's packages apt-get update & sudo apt-get upgrade 2. Install the GIT package apt-get install git 3. Download a clone of Let's Encrypt from the GitHub...
www.b4x.com
 
Upvote 0

drgottjr

Expert
Licensed User
Longtime User
configuring webview to ignore ssl certs is trivial.
you can also arrange things so that a list of
white-listed sites with problematic certificates
could still be loaded by webview. this list could
be compiled by the developer or the user and
be updated as needed. in the case of a
distributed app, it has to be understood by the
user that any sites added to the list by him are
his responsibility. as has been pointed out,
the major browsers have little choice but to
update such a list as certifiying authorities come
and go. there is no reason you could not do
the same for your app.
 
Upvote 0

aminoacid

Active Member
Licensed User
Longtime User

Thanks! I tried it, but get this error when compiling:

java.lang.UnsupportedClassVersionError: b4j/teddybear/alltrust has been compiled by a more recent version of the Java Runtime (class file version 53.0), this version of the Java Runtime only recognizes class file versions up to 52.0

I am using the latest version of B4J, Java8 JDK 8u371

Do I need the library source?
 
Upvote 0

teddybear

Well-Known Member
Licensed User
The jar has been updated for jdk8
 
Last edited:
Upvote 0
You must log in or register to reply here.

Similar Threads

M
  • Question
B4J Question Webview problem
Replies
2
Views
878
menneaduplo
M
P
  • Solved
B4J Question [SOLVED]Webview not displaying Webpages from B4J server
Replies
11
Views
2K
Peter Lewis
P
  • Question
B4J Question [ Webview Problem ] html form dont send parameter on B4J webview
Replies
7
Views
2K
Waldemar Lima
  • Question
B4J Question [ WebView ] Dont loading url
Replies
5
Views
988
DonManfred
  • Question
B4J Question HTML and JS for dynamic autocomplete datalist ???
Replies
4
Views
2K
Patent
Menu
Log in
Register
Cookies are required to use this site. You must accept them to continue using the site. Learn more…