OkHttpUtils默认每次访问网址都会改变cookie值,导致后台很难做到安全的校验。在BaseApplication设计如下值就可以了。
/*HTTPS访问初始化设置*/
/*HTTPS访问初始化设置*/
private void initOkHttp() {
final HashMap<HttpUrl, List<Cookie>> cookieStore = new HashMap<>();
HttpsUtils.SSLParams sslParams = HttpsUtils.getSslSocketFactory(null, null, null);
OkHttpClient okHttpClient = new OkHttpClient.Builder()
.connectTimeout(10000L, TimeUnit.MILLISECONDS)
.readTimeout(10000L, TimeUnit.MILLISECONDS)
.cookieJar(new CookieJar() {//保留session唯一性
@Override
public void saveFromResponse(HttpUrl url, List<Cookie> cookies) {
Logs.v("保存的cookies:" + cookies+" url:"+url);
cookieStore.put(url, cookies);
}
@Override
public List<Cookie> loadForRequest(HttpUrl url) {
List<Cookie> cookies = cookieStore.get(url);
Logs.v("请求的cookies:" + cookies+" url:"+url);
return cookies != null ? cookies : new ArrayList<Cookie>();
}
})
.addInterceptor(new LoggerInterceptor("TAG"))
.hostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
})
.sslSocketFactory(sslParams.sSLSocketFactory, sslParams.trustManager)//保证能访问HTTPS
.build();
OkHttpUtils.initClient(okHttpClient);
}
一.URL与cookie一一对应
以上代码能保证你每次访问同一个URL传给服务器的请求Cookie和服务器第一次返回的相同,从而提高了安全性。
二.保证访问同一个服务器所有URL的cookie相同
就是修改下上面的代码就可以
这里主要是保留服务器的host地址,将URL的host设置为key,而不是URL
final HashMap<String, List<Cookie>> cookieStore = new HashMap<>();
.cookieJar(new CookieJar() {//保留session唯一性 @Override public void saveFromResponse(HttpUrl url, List<Cookie> cookies) { Logs.v("保存的cookies:" + cookies + " url:" + url + " " + cookieStore.get(url.host())); if (cookieStore.get(url.host()) == null) { cookieStore.put(url.host(), cookies); } } @Override public List<Cookie> loadForRequest(HttpUrl url) { List<Cookie> cookies = cookieStore.get(url.host()); Logs.v("请求的cookies:" + cookies + " url:" + url + " \nhost:" + url.host()); return cookies != null ? cookies : new ArrayList<Cookie>(); } })
三.扩展
https://www.jianshu.com/p/53e8e0eb36b8?from=singlemessage
修改成自带的cookie持久化
https://www.cnblogs.com/whycxb/p/7146572.html?tdsourcetag=s_pcqq_aiomsg