Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8242077

Add information about HTTP/2 and HttpClient usage in WebEngine

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: P3
    • Resolution: Fixed
    • Affects Version/s: openjfx14
    • Fix Version/s: openjfx15
    • Component/s: javafx
    • Labels:

      Description

      Using Java 14 (OpenJDK download), older versions of the JavaFX SDK (e.g. JavaFX 12) were capable of loading web pages with expired certificates. With Java 14 and JavaFX 14, an error is printed and the webpage is not shown.

      However, with Java 11.0.2 and JavaFX 14, no error is printed and the page with the expired certificate is shown.

      There is currently no clear and consistent documentation about how WebView should handle sites with expired certificates.

      Might be related to JDK-8221097 and JDK-8211308.

      Sample
      =====

      import javafx.application.Application;
      import javafx.concurrent.Worker;
      import javafx.scene.Scene;
      import javafx.scene.layout.VBox;
      import javafx.scene.web.WebView;
      import javafx.stage.Stage;

      import javax.net.ssl.*;
      import java.security.KeyManagementException;
      import java.security.NoSuchAlgorithmException;
      import java.security.cert.X509Certificate;

      public class Html5Webview extends Application {

          public void start(Stage primaryStage) {
              HttpsURLConnection.setDefaultSSLSocketFactory(TrustAllSSLProvider.getSslSocketFactory());
              HttpsURLConnection.setDefaultHostnameVerifier(TrustAllSSLProvider.getHostNameVerifier());

              primaryStage.setTitle("JavaFX WebView Html5 Support");

              WebView webView = new WebView();
              webView.getEngine().getLoadWorker().stateProperty().addListener((o, ov, nv) -> {
                  if (nv == Worker.State.FAILED) {
                      System.out.println(webView.getEngine().getLoadWorker().getMessage());
                      webView.getEngine().getLoadWorker().getException().printStackTrace();
                  }
              });
              webView.getEngine().load("https://188.166.109.46");

              VBox vBox = new VBox(webView);
              Scene scene = new Scene(vBox);

              primaryStage.setScene(scene);
              primaryStage.show();
          }

          public static class TrustAllSSLProvider {

              // Verify-all name verifier
              private final static HostnameVerifier hostNameVerifier = (hostname, session) -> true;

              // Trust-all socket factory
              private static final SSLSocketFactory sslSocketFactory;
              static {
                  TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
                      public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                          return null;
                      }
                      public void checkClientTrusted(X509Certificate[] certs, String authType) {
                      }
                      public void checkServerTrusted(X509Certificate[] certs, String authType) {
                      }
                  }};
                  SSLContext sc;
                  try {
                      sc = SSLContext.getInstance("TLS");
                  } catch (NoSuchAlgorithmException e) {
                      throw new IllegalStateException(e);
                  }
                  try {
                      sc.init(null, trustAllCerts, new java.security.SecureRandom());
                  } catch (KeyManagementException e) {
                      throw new IllegalStateException(e);
                  }
                  sslSocketFactory = sc.getSocketFactory();
              }

              public static HostnameVerifier getHostNameVerifier() {
                  return hostNameVerifier;
              }

              public static SSLSocketFactory getSslSocketFactory() {
                  return sslSocketFactory;
              }
          }

          public static void main(String[] args) {
              // System.setProperty("javax.net.debug", "ssl");
              launch(args);
          }
      }

      Error (in case there is one):

      ome/bin/java -p /opt/javafx-sdk-14/lib --add-modules javafx.web Html5Webview
      Loading failed
      java.lang.Throwable: SSL handshake failed
      at javafx.web/javafx.scene.web.WebEngine$LoadWorker.describeError(WebEngine.java:1431)
      at javafx.web/javafx.scene.web.WebEngine$LoadWorker.dispatchLoadEvent(WebEngine.java:1370)
      at javafx.web/javafx.scene.web.WebEngine$PageLoadListener.dispatchLoadEvent(WebEngine.java:1231)
      at javafx.web/com.sun.webkit.WebPage.fireLoadEvent(WebPage.java:2514)
      at javafx.web/com.sun.webkit.WebPage.fwkFireLoadEvent(WebPage.java:2359)
      at javafx.web/com.sun.webkit.network.URLLoaderBase.twkDidFail(Native Method)
      at javafx.web/com.sun.webkit.network.HTTP2Loader.notifyDidFail(HTTP2Loader.java:624)
      at javafx.web/com.sun.webkit.network.HTTP2Loader.lambda$didFail$18(HTTP2Loader.java:606)
      at javafx.web/com.sun.webkit.network.HTTP2Loader.lambda$callBackIfNotCanceled$10(HTTP2Loader.java:437)
      at javafx.graphics/com.sun.javafx.application.PlatformImpl.lambda$runLater$10(PlatformImpl.java:428)
      at java.base/java.security.AccessController.doPrivileged(AccessController.java:391)
      at javafx.graphics/com.sun.javafx.application.PlatformImpl.lambda$runLater$11(PlatformImpl.java:427)
      at javafx.graphics/com.sun.glass.ui.InvokeLaterDispatcher$Future.run(InvokeLaterDispatcher.java:96)

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                ghb Guru Hb
                Reporter:
                jvos Johan Vos
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: