search

luberda-molinet / FFImageLoading

Image loading, caching & transforming library for Xamarin and Windows
MIT License
1.42k stars 377 forks source link

FFImageLoading Not Show Android 4.2 #1448

Open fakhravari opened 4 years ago

fakhravari commented 4 years ago

🐛 Bug Report

FFImageLoading Android 4.2 Not Show 4.2 or 4.3 Not Show not showing Source show only LoadingPlaceholder or ErrorPlaceholder

https://us.v-cdn.net/5019960/uploads/editor/tj/z8o6rc4kouzz.png

Expected behavior

Reproduction steps

Configuration

Version: 1.x

Platform:

fakhravari commented 4 years ago

android 5

show extension webp not show other extension

04-28 22:19:29.096 I/mono-stdout(31401): Image loading failed: https://cdn.vatanbgs.com/Content/Images/Slideshow/637226161016872438.jpg;1080x0 Image loading failed: https://cdn.vatanbgs.com/Content/Images/Slideshow/637226161016872438.jpg;1080x0 04-28 22:19:29.096 I/mono-stdout(31401): FFImageLoading.Exceptions.DownloadAggregateException: One or more errors occurred. (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception. ---> Mono.Btls.MonoBtlsException: Ssl error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED 04-28 22:19:29.101 I/mono-stdout(31401): at /Users/builder/jenkins/workspace/archive-mono/2019-10/android/release/external/boringssl/ssl/handshake_client.c:1132 04-28 22:19:29.101 I/mono-stdout(31401): at Mono.Btls.MonoBtlsContext.ProcessHandshake () [0x00042] in /Users/builder/jenkins/workspace/archive-mono/2019-10/android/release/mcs/class/System/Mono.Btls/MonoBtlsContext.cs:220 FFImageLoading.Exceptions.DownloadAggregateException: One or more errors occurred. (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception. ---> Mono.Btls.MonoBtlsException: Ssl error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED at /Users/builder/jenkins/workspace/archive-mono/2019-10/android/release/external/boringssl/ssl/handshake_client.c:1132 at Mono.Btls.MonoBtlsContext.ProcessHandshake () [0x00042] in /Users/builder/jenkins/workspace/archive-mono/2019-10/android/release/mcs/class/System/Mono.Btls/MonoBtlsContext.cs:220

rybkakrzy commented 4 years ago

I have the same problem!

fakhravari commented 4 years ago

There is no one to help

jmielczarkowski commented 4 years ago

@felipechavez @fakhravari

So FFImageLoading is failing to load HTTPS images because the intermediate certificate issued by provider has expired.

If you need to bypass it there's way to do it, but I would strongly recommend to update your certificates on BE side.

I believe that more people had this issue last days. Please close ticket because that's not bug or make some action points like update of FAQ and explain why it happens and how to proceed.

LeeRaybone commented 4 years ago

Is there any action points or FAQ to resolve this issue of the updating certificates or the work around process?

DarBeck commented 4 years ago

I have found a way around this by using Conveyor https://conveyor.cloud/ And following the steps to setup SSL on Andriod.

amirvenus commented 3 years ago

@felipechavez @fakhravari

So FFImageLoading is failing to load HTTPS images because the intermediate certificate issued by provider has expired.

If you need to bypass it there's way to do it, but I would strongly recommend to update your certificates on BE side.

I believe that more people had this issue last days. Please close ticket because that's not bug or make some action points like update of FAQ and explain why it happens and how to proceed.

Could you please advise how to bypass the SSL checks on Images?

shweta1915 commented 3 years ago

Any solution? After updating SSL, I am still facing the same issue.

@felipechavez @fakhravari

So FFImageLoading is failing to load HTTPS images because the intermediate certificate issued by provider has expired.

If you need to bypass it there's way to do it, but I would strongly recommend to update your certificates on BE side.

I believe that more people had this issue last days. Please close ticket because that's not bug or make some action points like update of FAQ and explain why it happens and how to proceed.

amirvenus commented 3 years ago

Any solution? After updating SSL, I am still facing the same issue.

@felipechavez @fakhravari So FFImageLoading is failing to load HTTPS images because the intermediate certificate issued by provider has expired. If you need to bypass it there's way to do it, but I would strongly recommend to update your certificates on BE side. I believe that more people had this issue last days. Please close ticket because that's not bug or make some action points like update of FAQ and explain why it happens and how to proceed.

My solution was to provide my own instance of HttpClient (that has SSL bypass in its handler) on the MainActivity.cs file by using ImageService.

nabilakhlaque commented 3 years ago

@amirvenus would you mind sharing your code?

amirvenus commented 3 years ago

@amirvenus would you mind sharing your code?

This is what I do in Android (MainActivity.cs):

var handler = new HttpClientHandler();
             handler.ClientCertificateOptions = ClientCertificateOption.Manual;
             handler.ServerCertificateCustomValidationCallback = 
                 (httpRequestMessage, cert, cetChain, policyErrors) => true;

             var client = new HttpClient(handler);
             ImageService.Instance.Initialize(new Configuration
             {
                 HttpClient = client
             });
jkapsouras commented 2 years ago

Thank you @amirvenus for sharing your code. I have a question though. Is it safe to bypass ssl?

amirvenus commented 2 years ago

Hi

No it's not safe to bypass the SSL at all!

The code I had was merely about helping you debug the app while not worrying about SSL in the development phase.

It goes without saying that at the time of release, that issue must be resolved.

jkapsouras commented 2 years ago

I tried a different but similar approach. I was inspired by your response. I use refit in my app and the very same api works fine for every request instead from images (when ffimageloading is used). Example:

ImageService .Instance .LoadUrl(Constants.VehicleImagesAddress(item.Id.ToString())) .LoadingPlaceholder("vehicle_placeholder.png", FFImageLoading.Work.ImageSource.CompiledResource) .ErrorPlaceholder("vehicle_placeholder.png", FFImageLoading.Work.ImageSource.CompiledResource) .DownSample(width: vh.Image.Resources.DisplayMetrics.WidthPixels) .Into(vh.Image);

I thought to pass to ffimageloading the client used with refit in the rest api calls:

`public void RegisterApi(ContainerBuilder builder) { var httpClient = new System.Net.Http.HttpClient(new AndroidClientHandler(), true) { BaseAddress = new Uri(BaseUrl), DefaultRequestHeaders = { { "access_token", Constants.AccessToken } }, Timeout = TimeSpan.FromSeconds(Constants.TimeoutSeconds) };

        builder.Register(api => RestService.For<INeed4CarApi>(httpClient))
               .As<INeed4CarApi>()
               .SingleInstance();

        ImageService.Instance.Initialize(new Configuration
        {
            HttpClient = httpClient
        }); 
    }`

And it worked! FFimageLoding has not been updated for a while, so I though that maybe has old httpclient implementation. Passing an updated client worked just fine (ssl/tls implementation: Native TLS 1.2+)

Martinedo commented 2 years ago

@jkapsouras does your approach also bypasses the SSL? Whats the default ClientCertificateOptions in the AndroidClientHandler()?

jkapsouras commented 2 years ago

No, it does not. It's the android http client with the TLS1.2+ support that make the library work. (AndroidHttpClient along with Native TLS1.2+ in project options).

https://devblogs.microsoft.com/xamarin/securing-network-traffic-with-tls-1-2/

waltersh790824 commented 2 years ago

I was able to get it working by just setting a custom config with a reference to a new HttpClient. No need to disable SSL cert verification or anything else that opens up security vulnerabilities. Also, making sure you're set to use Native TLS 1.2 since it can't hurt.

CachedImageRenderer.InitImageViewHandler();
CachedImageRenderer.Init(true);

var config = new Configuration
{
    HttpClient = new HttpClient()
};

ImageService.Instance.Initialize(config);
Martinedo commented 2 years ago

@waltersh790824 your solution is working thank. Here is a 1liner if someone wants one ImageService.Instance.Initialize(new FFImageLoading.Config.Configuration { HttpClient = new HttpClient() });

jkapsouras commented 2 years ago

If you want to user HttpClient instead of AndroidHttpClient, please don't forget to use androidclienthandler and tls 1.2 ssl implementation in your project properties for security reasons. (https://docs.microsoft.com/en-us/xamarin/android/app-fundamentals/http-stack?tabs=macos)

Kenny-Ali commented 2 years ago

@waltersh790824 your solution is working thank. Here is a 1liner if someone wants one ImageService.Instance.Initialize(new FFImageLoading.Config.Configuration { HttpClient = new HttpClient() });

You guys are freaking great!! Thank you!!