Marcel, Well, I was hoping it would not come down to custom TrustManagers. I was hoping to hook into the CordovaWebViewClient’s shouldInterceptRequest().
I realise this is in API 11+, but don’t know of another way off the top of my head (was hoping this thread could help, yay). Is the issue related to that “security hole” thread where the whitelist isn’t checked with ajax/xhr on API < 11 ? On 14 Jan 2014, at 8:53 am, Marcel Kinard <cmarc...@gmail.com> wrote: > I am curious how this would be implemented on Android. If you construct an > SSLSocketFactory with your private TrustManager that contains the pinned > cert, how do you get the Android webview to use that SSLSocketFactory? >
