Added in API level 1
Deprecated in API level 22

StrictHostnameVerifier

public class StrictHostnameVerifier
extends AbstractVerifier

java.lang.Object
   ↳ org.apache.http.conn.ssl.AbstractVerifier
     ↳ org.apache.http.conn.ssl.StrictHostnameVerifier


This class was deprecated in API level 22.
Please use URL.openConnection() instead. Please visit this webpage for further details.

The Strict HostnameVerifier works the same way as Sun Java 1.4, Sun Java 5, Sun Java 6-rc. It's also pretty close to IE6. This implementation appears to be compliant with RFC 2818 for dealing with wildcards.

The hostname must match either the first CN, or any of the subject-alts. A wildcard can occur in the CN, and in any of the subject-alts. The one divergence from IE6 is how we only check the first CN. IE6 allows a match against any of the CNs present. We decided to follow in Sun Java 1.4's footsteps and only check the first CN. (If you need to check all the CN's, feel free to write your own implementation!).

A wildcard such as "*.foo.com" matches only subdomains in the same level, for example "a.foo.com". It does not match deeper subdomains such as "a.b.foo.com".

Summary

Public constructors

StrictHostnameVerifier()

Public methods

final String toString()

Returns a string representation of the object.

final void verify(String host, String[] cns, String[] subjectAlts)

Inherited methods

Public constructors

StrictHostnameVerifier

public StrictHostnameVerifier ()

Public methods

toString

Added in API level 1
public final String toString ()

Returns a string representation of the object.

Returns
String a string representation of the object.

verify

Added in API level 1
public final void verify (String host, 
                String[] cns, 
                String[] subjectAlts)

Parameters
host String

cns String

subjectAlts String

Throws
SSLException