1

I've noticed that Android provides two very similar classes as default hostname verifiers.

The default one used by HttpsURLConnection is javax.net.ssl.DefaultHostnameVerifier.

There's another one though, org.apache.http.conn.ssl.BrowserCompatHostnameVerifier, which is supposedly the same.

Why are these two provided and which one should be used for default verification?

4

1 回答 1

3

一个区别是 BrowserCompatHostnameVerifier 可以验证 IP 地址形式的主机名(如浏览器),而 DefaultHostnameVerifier 将始终尝试通过 DNS 查找 IP 地址。

http://lexaux.blogspot.com/2013/01/android-httpsurlconnection-self-signed.html

于 2014-04-21T06:05:29.233 回答