SSL error handling

[winstonma]

Daniel, I think the browser is getting better and better.

I currently faced an issue. I read the online article Hands on Review of the Hisense A9 4G E INK Android 11 Smartphone but I am having trouble viewing the content using einkbro. When I tried another browser it is working normally.

I tried the website on my eink device as well as my tablet and got the same behavior. Please take a look and let me know how I could got problem fixed. Thanks a lot.

[plateaukao]

Hi, @winstonma
I can read the article without any issues on latest version (9.1.0).

May I know how did you get the web link? If it's something you searched on google, and it is listed on top of the link results; these links may be with google ad redirection, that will be identified as advertisement.

Also, in addition to that url, is it possible to access other links on goodreader? for example: https://goodereader.com/blog/reviews

[winstonma]

Sorry I think I should highlight few things

1. I am using Pihole on my router so it would block ads using host file, of coz I subscribed to other list as well. After disabling the Pihole I can view the page again. As a reference I can view the webpage using other browsers when Pihole is enabled.
2. This problem is not v9.1 specific, it also happens to v9.0. I didn't check anything before.
3. I couldn't access the review page as well

[plateaukao]

May I know what's the error message on the screen? Also, since I don't know the underlying mechanism of Pihole, you may need to check logs from Pihole and see if something goes wrong when EinkBro tries to access that web site.

[winstonma]

Pihole blocks ad server access via the host file (exactly same as Adaway in Android). Also the Pihole log only log what's go through and what's get blocked. Like the image below:

Actually I think this is the full test case and first of all your device need to be rooted

1. Download Adaway apk and install Adaway
2. Open Adaway, and add addition adlist (Energized Basic)
3. Open https://goodereader.com/blog/reviews using einkbro

Then I got empty webpage like the screenshot below:

[winstonma]

If you don't mind I could install a debug version of einkbro and it could capture more info.

[plateaukao]

Yes, it would be helpful if you know how to build the app and check if there's any error logs for EinkBro. I checked the website, and it did have lots of connections related to ads. AdAway has two modes: one to root first; one to act as VPN. I tried the second way, and the goodreader review website can be browsed correctly without ads (I turned off EinkBro adblocker for testing).

[winstonma]

I just repeated your testing environment and test the link against the website:

1. I reset the Adaway on my phone and force it to use VPN based Adblocking - Work
2. I then set the Adaway back to root mode - Doesn't work
3. Adaway root mode and use Via browser - Work
4. Using Adaway root mode and disabled the adblock setting - Doesn't work
5. Using Adaway root mode, disabled the adblocking setting & pihole - Work

Also I checked the error log from my phone and there is one error line may help understanding:

06-19 19:12:30.563 23273 31270 E chromium: [ERROR:ssl_client_socket_impl.cc(999)] handshake failed; returned -1, SSL error code 1, net_error -202
06-19 19:12:30.575 23273 31270 E chromium: [ERROR:ssl_client_socket_impl.cc(999)] handshake failed; returned -1, SSL error code 1, net_error -202

I am not sure but it seems to me that the Adaway root mode would generate the SSL error.

[winstonma]

Sorry to bother but this is the warning message I got from Via Browser

I believe it is related to the SSL error in the previous comment.

[plateaukao]

I guess Adaway root version uses its own certificate, and that's why it causes problems. reference link. In current EinkBro implementation, I did not do anything related to SSL errors. (link)

When I know what's better alternative, I will add some codes to it. Before that day, you could just click "open link with..." in menu temporarily when you meet urls like this.

[plateaukao]

@winstonma I tried to show a dialog too as other browsers do. Please check this temp release version: https://nightly.link/plateaukao/browser/workflows/buid-app-workflow.yaml/main/app-release.apk.zip

[winstonma]

Thanks for fixing the problem. I downloaded the temp release and the app just crash while opening website. Here is the error log:

06-19 21:08:17.187 30453 32708 E chromium: [ERROR:ssl_client_socket_impl.cc(999)] handshake failed; returned -1, SSL error code 1, net_error -202
06-19 21:08:17.188 30453 32708 E chromium: [ERROR:ssl_client_socket_impl.cc(999)] handshake failed; returned -1, SSL error code 1, net_error -202
06-19 21:08:17.201 30453 30453 E AndroidRuntime: FATAL EXCEPTION: main
06-19 21:08:17.201 30453 30453 E AndroidRuntime: Process: info.plateaukao.einkbro, PID: 30453
06-19 21:08:17.201 30453 30453 E AndroidRuntime: java.lang.RuntimeException: java.lang.reflect.InvocationTargetException
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:503)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:940)
06-19 21:08:17.201 30453 30453 E AndroidRuntime: Caused by: java.lang.reflect.InvocationTargetException
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at java.lang.reflect.Method.invoke(Native Method)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        ... 1 more
06-19 21:08:17.201 30453 30453 E AndroidRuntime: Caused by: p7.e: No definition found for class:'i5.u'. Check your definitions!
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at w7.a.l(Unknown Source:64)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at w7.a.k(Unknown Source:138)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at w7.a.j(Unknown Source:28)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at w7.a.c(Unknown Source:153)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at z4.o$g.s(Unknown Source:35)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at n5.p.getValue(Unknown Source:20)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at z4.o.i(Unknown Source:2)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at z4.o.onReceivedSslError(Unknown Source:85)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at H9.run(chromium-TrichromeWebViewGoogle.aab-stable-500512533:758)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at android.os.Handler.handleCallback(Handler.java:883)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at android.os.Handler.dispatchMessage(Handler.java:100)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at android.os.Looper.loop(Looper.java:214)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        at android.app.ActivityThread.main(ActivityThread.java:7356)
06-19 21:08:17.201 30453 30453 E AndroidRuntime:        ... 3 more

[plateaukao]

This time, it should work. I verified with https://self-signed.badssl.com/ Please try again: https://nightly.link/plateaukao/browser/workflows/buid-app-workflow.yaml/main/app-release.apk.zip

[winstonma]

First of all let me change the title.

I downloaded the latest version and yes it prompt the warning page. Thanks for this.

Just have two tiny questions to ask

• Is it possible that I can suppress the warning?
• If I press the stop button when the webpage is loading, I would get a pop-up message: Can't load this URL: null. To replicate the senario, I guess you can download the release version and the badssl website. Then press the stop button.

[plateaukao]

If current dialog did work, I'll try to add a check box in the dialog, so that users can skip the warning dialog within the same session. I think it's not possible to fully supress the dialog, because it will be rejected by Google Play Store release policy because of not handling SSL error correctly. If you really want to supreess it for your own purpose and think SSL error is something under your control, you can fork the app and override the function with handler.proceed(). It will just work as what you expected.

And thanks for pointing out the stop button. I will look into it too.

[winstonma]

Understand. I am using different browsers and they don't have the settings that suppress warnings ಥ_ಥ

I guess this ticket can be closed as the webpage can be displayed.

[winstonma]

Sorry but I am using einkbro with my phone. I would like to know if it's possible to use dark background in reader mode?

[plateaukao]

Maybe they are lucky not to get caught? https://stackoverflow.com/questions/36050741/webview-avoid-security-alert-from-google-play-upon-implementation-of-onreceiveds

Do you mean separate dark background for reader mode? Now if device is in dark mode (newer Android), the web would be in dark mode. In this case, if you turn on reader mode, it should also be in dark background.

As for creating separate theme for Reader Mode, this may take more effort and until I separate Reader Mode into a new WebView. So far, I dont have time or intent for that, since I mainly use EinkBro on my Eink readers. And on my phones, they have dark mode too.

[winstonma]

😭I am using dark theme and I saw the einkbro bottom bar has the dark background, but the reader mode background is still white. I think if einkbro follow system theme is good enough, but currently the reader mode is in white.

[plateaukao]

what device are you using is it of Android 10 or higher?

[winstonma]

I am using Xiaomi Note 8 with custom rom, it is running Android 10

And this is the screenshot

Dark theme (You can see the bottom bar is in dark theme, the reader mode with light background)

[plateaukao]

@winstonma please create anpther ticket for that with sample url to track. I'll close this one.

[winstonma]

Thanks @plateaukao

[winstonma]

Sorry to bother you on this issue again.

As some webpage have many Ad blocked by adaway, I got many SSL error popup. Is it possible that it would only show one popup per webpage? Thanks a lot. 🙏

[plateaukao]

@winstonma Do you mean multiple web pages in same website? or do you mean it pops up multiple error dialogs for a single web page? If it's the former, you may have to wait until I have time to implement an option to turn off ssl error dismiss option for the same session. If it's the latter, you need to provide example urls so I can reproduce the behavior, and see if anything I can do quickly to prevent it.

[winstonma]

Should be multiple error dialogs for a single web page. I would see multiple dialogs in Ad Blocker Test - d3ward, with Adaway enabled.

It only happens when visit the webpage the first time but there is no more dialog afterwards, which is a good thing for me. But I would like to see if it is possible just to have one dialog per visited website? Thanks a lot