Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trust user added CA certificates #4397

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Trust user added CA certificates #4397

wants to merge 3 commits into from

Conversation

smarthome-abc
Copy link

@smarthome-abc smarthome-abc commented Jan 11, 2025
edited
Loading

Trust user added CA certificates. I added a CA root certificate on Fire TV stick, and the Amazon Silk Browser trusts the certificate but Jellyfin app shows "Unable to connect" when using the https URL

Changes
Trust both system (default behavior) and also user added CA root certificates

Issues

github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 11, 2025
View reviewed changes
app/src/main/AndroidManifest.xml
@@ -49,7 +49,8 @@
android:largeHeap="true"
android:supportsRtl="true"
android:theme="@style/Theme.Jellyfin"
android:usesCleartextTraffic="true">
android:usesCleartextTraffic="true"

Check warning

Code scanning / Android Lint

Attribute unused on older versions Warning

Attribute usesCleartextTraffic is only used in API level 23 and higher (current min is 21)
app/src/main/AndroidManifest.xml
@@ -49,7 +49,8 @@
android:largeHeap="true"
android:supportsRtl="true"
android:theme="@style/Theme.Jellyfin"
android:usesCleartextTraffic="true">
android:usesCleartextTraffic="true"
android:networkSecurityConfig="@xml/network_security_config">

Check warning

Code scanning / Android Lint

Attribute unused on older versions Warning

Attribute networkSecurityConfig is only used in API level 24 and higher (current min is 21)
app/src/main/res/xml/network_security_config.xml Outdated
@@ -0,0 +1,9 @@
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config cleartextTrafficPermitted="true">

Check warning

Code scanning / Android Lint

Insecure Base Configuration Warning

Insecure Base Configuration
app/src/main/res/xml/network_security_config.xml Outdated
<base-config cleartextTrafficPermitted="true">
<trust-anchors>
<certificates src="system" />
<certificates src="user" />

Check warning

Code scanning / Android Lint

Allowing User Certificates Warning

The Network Security Configuration allows the use of user certificates in the release version of your app
nielsvanvelzen
nielsvanvelzen requested changes Jan 11, 2025
View reviewed changes
Copy link
Member

@nielsvanvelzen nielsvanvelzen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add appropriate tools:ignore attributes for the various lint issues

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nielsvanvelzen nielsvanvelzen Awaiting requested review from nielsvanvelzen nielsvanvelzen is a code owner

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@smarthome-abc @nielsvanvelzen