diff --git a/.changes/remove-unsecure-configs.md b/.changes/remove-unsecure-configs.md new file mode 100644 index 000000000..2385ec55b --- /dev/null +++ b/.changes/remove-unsecure-configs.md @@ -0,0 +1,8 @@ +--- +"tauri-cli": patch:sec +"@tauri-apps/cli": patch:sec +"tauri": patch:sec +--- + +Re-enable TLS checks that were previously disabled to support an insecure HTTPS custom protocol on Android which is no longer used. + diff --git a/core/tauri/src/protocol/tauri.rs b/core/tauri/src/protocol/tauri.rs index dc025805f..fd89b954c 100644 --- a/core/tauri/src/protocol/tauri.rs +++ b/core/tauri/src/protocol/tauri.rs @@ -103,13 +103,8 @@ fn get_response( .decode_utf8_lossy() .to_string(); let url = format!("{url}{decoded_path}"); - #[allow(unused_mut)] - let mut client_builder = reqwest::ClientBuilder::new(); - #[cfg(any(feature = "native-tls", feature = "rustls-tls"))] - { - client_builder = client_builder.danger_accept_invalid_certs(true); - } - let mut proxy_builder = client_builder + + let mut proxy_builder = reqwest::ClientBuilder::new() .build() .unwrap() .request(request.method().clone(), &url); diff --git a/examples/api/src-tauri/Cargo.lock b/examples/api/src-tauri/Cargo.lock index d0f7e2688..648d00d65 100644 --- a/examples/api/src-tauri/Cargo.lock +++ b/examples/api/src-tauri/Cargo.lock @@ -3033,7 +3033,7 @@ checksum = "e1fc403891a21bcfb7c37834ba66a547a8f402146eba7265b5a6d88059c9ff2f" [[package]] name = "tauri" -version = "2.0.0-beta.23" +version = "2.0.0-beta.24" dependencies = [ "anyhow", "bytes", @@ -3083,7 +3083,7 @@ dependencies = [ [[package]] name = "tauri-build" -version = "2.0.0-beta.18" +version = "2.0.0-beta.19" dependencies = [ "anyhow", "cargo_toml", @@ -3105,7 +3105,7 @@ dependencies = [ [[package]] name = "tauri-codegen" -version = "2.0.0-beta.18" +version = "2.0.0-beta.19" dependencies = [ "base64 0.22.1", "brotli", @@ -3130,7 +3130,7 @@ dependencies = [ [[package]] name = "tauri-macros" -version = "2.0.0-beta.18" +version = "2.0.0-beta.19" dependencies = [ "heck 0.5.0", "proc-macro2", @@ -3142,7 +3142,7 @@ dependencies = [ [[package]] name = "tauri-plugin" -version = "2.0.0-beta.18" +version = "2.0.0-beta.19" dependencies = [ "anyhow", "glob", @@ -3168,7 +3168,7 @@ dependencies = [ [[package]] name = "tauri-runtime" -version = "2.0.0-beta.19" +version = "2.0.0-beta.20" dependencies = [ "dpi", "gtk", @@ -3185,7 +3185,7 @@ dependencies = [ [[package]] name = "tauri-runtime-wry" -version = "2.0.0-beta.19" +version = "2.0.0-beta.20" dependencies = [ "cocoa", "gtk", @@ -3207,7 +3207,7 @@ dependencies = [ [[package]] name = "tauri-utils" -version = "2.0.0-beta.18" +version = "2.0.0-beta.19" dependencies = [ "aes-gcm", "brotli", diff --git a/examples/api/vite.config.js b/examples/api/vite.config.js index d5d5459c8..d2ca239f7 100644 --- a/examples/api/vite.config.js +++ b/examples/api/vite.config.js @@ -33,8 +33,8 @@ export default defineConfig({ hmr: mobile ? { protocol: 'ws', - host: internalIpV4Sync(), - port: 1421 + host: mobile ? internalIpV4Sync() : 'localhost', + port: 1430 } : undefined, fs: { diff --git a/tooling/cli/src/mobile/android/build.rs b/tooling/cli/src/mobile/android/build.rs index 05ae9240d..8ae49c028 100644 --- a/tooling/cli/src/mobile/android/build.rs +++ b/tooling/cli/src/mobile/android/build.rs @@ -26,7 +26,7 @@ use cargo_mobile2::{ target::TargetTrait, }; -use std::env::{set_current_dir, set_var}; +use std::env::set_current_dir; #[derive(Debug, Clone, Parser)] #[clap( @@ -122,9 +122,6 @@ pub fn command(options: Options, noise_level: NoiseLevel) -> Result<()> { (interface, app, config, metadata) }; - set_var("WRY_RUSTWEBVIEWCLIENT_CLASS_EXTENSION", ""); - set_var("WRY_RUSTWEBVIEW_CLASS_INIT", ""); - let profile = if options.debug { Profile::Debug } else { diff --git a/tooling/cli/src/mobile/android/dev.rs b/tooling/cli/src/mobile/android/dev.rs index 25aae5765..caa231b4f 100644 --- a/tooling/cli/src/mobile/android/dev.rs +++ b/tooling/cli/src/mobile/android/dev.rs @@ -32,16 +32,7 @@ use cargo_mobile2::{ target::TargetTrait, }; -use std::env::{set_current_dir, set_var}; - -const WEBVIEW_CLIENT_CLASS_EXTENSION: &str = " - @android.annotation.SuppressLint(\"WebViewClientOnReceivedSslError\") - override fun onReceivedSslError(view: WebView?, handler: SslErrorHandler, error: android.net.http.SslError) { - handler.proceed() - } -"; -const WEBVIEW_CLASS_INIT: &str = - "this.settings.mixedContentMode = android.webkit.WebSettings.MIXED_CONTENT_ALWAYS_ALLOW"; +use std::env::set_current_dir; #[derive(Debug, Clone, Parser)] #[clap( @@ -154,12 +145,6 @@ fn run_command(options: Options, noise_level: NoiseLevel) -> Result<()> { (interface, app, config, metadata) }; - set_var( - "WRY_RUSTWEBVIEWCLIENT_CLASS_EXTENSION", - WEBVIEW_CLIENT_CLASS_EXTENSION, - ); - set_var("WRY_RUSTWEBVIEW_CLASS_INIT", WEBVIEW_CLASS_INIT); - let tauri_path = tauri_dir(); set_current_dir(tauri_path).with_context(|| "failed to change current working directory")?;