Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 45973566 authored by Jon Dormody's avatar Jon Dormody Committed by Android (Google) Code Review
Browse files

Merge "Docs: Added a link to Updating Your Security Provider to Protect... 

Merge "Docs: Added a link to Updating Your Security Provider to Protect Against SSL Exploits" into oc-dev
parents 560fb5d0 f72e8263

core/java/android/net/SSLCertificateSocketFactory.java

+6 −1
Original line number Diff line number Diff line
@@ -62,7 +62,12 @@ import javax.net.ssl.X509TrustManager; 
 * This implementation does check the server's certificate hostname, but only

 * for createSocket variants that specify a hostname.  When using methods that

 * use {@link InetAddress} or which return an unconnected socket, you MUST

 * verify the server's identity yourself to ensure a secure connection.</p>

 * verify the server's identity yourself to ensure a secure connection.

 *

 * Refer to

 * <a href="https://developer.android.com/training/articles/security-gms-provider.html">

 * Updating Your Security Provider to Protect Against SSL Exploits</a>

 * for further information.</p>

 *

 * <p>One way to verify the server's identity is to use

 * {@link HttpsURLConnection#getDefaultHostnameVerifier()} to get a