Cordova / Phonegap plugin for communicating with HTTP servers. Supports iOS, Android and Browser.
This is a fork of Wymsee's Cordova-HTTP plugin.
- Background threading - all requests are done in a background thread.
- Handling of HTTP code 401 - read more at Issue CB-2415.
- SSL Pinning - read more at LumberBlog.
Please check CHANGELOG.md for details about updating to a new version.
The plugin conforms to the Cordova plugin specification, it can be installed using the Cordova / Phonegap command line interface.
phonegap plugin add cordova-plugin-advanced-http
cordova plugin add cordova-plugin-advanced-http
This plugin registers a global object located at cordova.plugin.http
.
Check the Ionic docs for how to use this plugin with Ionic-native.
To implement SSL Pinning check: README-SSL-PINNING.
This returns an object representing a basic HTTP Authorization header of the form {'Authorization': 'Basic base64encodedusernameandpassword'}
var header = cordova.plugin.http.getBasicAuthHeader('user', 'password');
This sets up all future requests to use Basic HTTP authentication with the given username and password.
cordova.plugin.http.useBasicAuth('user', 'password');
Set a header for all future requests to a specified host. Takes a hostname, a header and a value (must be a string value).
cordova.plugin.http.setHeader('Hostname', 'Header', 'Value');
You can also define headers used for all hosts by using wildcard character "*" or providing only two params.
cordova.plugin.http.setHeader('*', 'Header', 'Value');
cordova.plugin.http.setHeader('Header', 'Value');
The hostname also includes the port number. If you define a header for www.example.com
it will not match following URL http://www.example.com:8080
.
// will match http://www.example.com/...
cordova.plugin.http.setHeader('www.example.com', 'Header', 'Value');
// will match http://www.example.com:8080/...
cordova.plugin.http.setHeader('www.example.com:8080', 'Header', 'Value');
Set the data serializer which will be used for all future PATCH, POST and PUT requests. Takes a string representing the name of the serializer.
cordova.plugin.http.setDataSerializer('urlencoded');
You can choose one of these:
urlencoded
: send data as url encoded content in body (content type "application/x-www-form-urlencoded")json
: send data as JSON encoded content in body (content type "application/json")utf8
: send data as plain UTF8 encoded string in body (content type "plain/text")
You can also override the default content type headers by specifying your own headers (see setHeader).
Caution: urlencoded
does not support serializing deep structures whereas json
does.
Set how long to wait for a request to respond, in seconds.
cordova.plugin.http.setRequestTimeout(5.0);
Returns saved cookies (as string) matching given URL.
cordova.plugin.http.getCookieString(url);
Add a custom cookie. Takes a URL, a cookie string and an options object. See ToughCookie documentation for allowed options.
cordova.plugin.http.setCookie(url, cookie, options);
Clear the cookie store.
cordova.plugin.http.clearCookies();
These functions all take success and error callbacks as their last 2 arguments.
Set SSL Cert handling mode, being one of the following values:
default
: default SSL cert handling using system's CA certsnocheck
: disable SSL cert checking, trusting all certs (meant to be used only for testing purposes)pinned
: trust only provided certs
To use SSL pinning you must include at least one .cer SSL certificate in your app project. You can pin to your server certificate or to one of the issuing CA certificates. For ios include your certificate in the root level of your bundle (just add the .cer file to your project/target at the root level). For android include your certificate in your project's platforms/android/assets folder. In both cases all .cer files found will be loaded automatically. If you only have a .pem certificate see this stackoverflow answer. You want to convert it to a DER encoded certificate with a .cer extension.
As an alternative, you can store your .cer files in the www/certificates folder.
// enable SSL pinning
cordova.plugin.http.setSSLCertMode('pinned', function() {
console.log('success!');
}, function() {
console.log('error :(');
});
// use system's default CA certs
cordova.plugin.http.setSSLCertMode('default', function() {
console.log('success!');
}, function() {
console.log('error :(');
});
// disable SSL cert checking, only meant for testing purposes, do NOT use in production!
cordova.plugin.http.setSSLCertMode('nocheck', function() {
console.log('success!');
}, function() {
console.log('error :(');
});
This function was removed in 2.0.0. Use "setSSLCertMode" to enable SSL pinning (mode "pinned").
This function was removed in 2.0.0. Use "setSSLCertMode" to disable checking certs (mode "nocheck").
If set to true
, it won't follow redirects automatically. This defaults to false.
cordova.plugin.http.disableRedirect(true, function() {
console.log('success!');
}, function() {
console.log('error :(');
});
This function was removed in v1.6.2. Domain name validation is disabled automatically when you set SSL cert mode to "nocheck".
Remove all cookies associated with a given URL.
cordova.plugin.http.removeCookies(url, callback);
Execute a HTTP request. Takes a URL and an options object. This is the internally used implementation of the following shorthand functions (post, get, put, patch, delete, head, uploadFile and downloadFile). You can use this function, if you want to override global settings for each single request.
The options object contains following keys:
method
: HTTP method to be used, defaults toget
, needs to be one of the following values:get
,post
,put
,patch
,head
,delete
,upload
,download
data
: payload to be send to the server (only applicable onpost
,put
orpatch
methods)params
: query params to be appended to the URL (only applicable onget
,head
,delete
,upload
ordownload
methods)serializer
: data serializer to be used (only applicable onpost
,put
orpatch
methods), defaults to global serializer value, see setDataSerializer for supported valuestimeout
: timeout value for the request in seconds, defaults to global timeout valueheaders
: headers object (key value pair), will be merged with global valuesfilePath
: filePath to be used during upload and download see uploadFile and downloadFile for detailed informationname
: name to be used during upload see uploadFile for detailed information
Here's a quick example:
const options = {
method: 'post',
data: { id: 12, message: 'test' },
headers: { Authorization: 'OAuth2: token' }
};
cordova.plugin.http.sendRequest('https://google.com/', options, function(response) {
// prints 200
console.log(response.status);
}, function(response) {
// prints 403
console.log(response.status);
//prints Permission denied
console.log(response.error);
});
Execute a POST request. Takes a URL, data, and headers.
The success function receives a response object with 4 properties: status, data, url, and headers. status is the HTTP response code as numeric value. data is the response from the server as a string. url is the final URL obtained after any redirects as a string. headers is an object with the headers. The keys of the returned object are the header names and the values are the respective header values. All header names are lowercase.
Here's a quick example:
{
status: 200,
data: '{"id": 12, "message": "test"}',
url: 'http://example.net/rest'
headers: {
'content-length': '247'
}
}
Most apis will return JSON meaning you'll want to parse the data like in the example below:
cordova.plugin.http.post('https://google.com/', {
id: 12,
message: 'test'
}, { Authorization: 'OAuth2: token' }, function(response) {
// prints 200
console.log(response.status);
try {
response.data = JSON.parse(response.data);
// prints test
console.log(response.data.message);
} catch(e) {
console.error('JSON parsing error');
}
}, function(response) {
// prints 403
console.log(response.status);
//prints Permission denied
console.log(response.error);
});
The error function receives a response object with 4 properties: status, error, url, and headers (url and headers being optional). status is the HTTP response code as numeric value. error is the error response from the server as a string. url is the final URL obtained after any redirects as a string. headers is an object with the headers. The keys of the returned object are the header names and the values are the respective header values. All header names are lowercase.
Here's a quick example:
{
status: 403,
error: 'Permission denied',
url: 'http://example.net/noperm'
headers: {
'content-length': '247'
}
}
Execute a GET request. Takes a URL, parameters, and headers. See the post documentation for details on what is returned on success and failure.
cordova.plugin.http.get('https://google.com/', {
id: '12',
message: 'test'
}, { Authorization: 'OAuth2: token' }, function(response) {
console.log(response.status);
}, function(response) {
console.error(response.error);
});
Execute a PUT request. Takes a URL, data, and headers. See the post documentation for details on what is returned on success and failure.
Execute a PATCH request. Takes a URL, data, and headers. See the post documentation for details on what is returned on success and failure.
Execute a DELETE request. Takes a URL, parameters, and headers. See the post documentation for details on what is returned on success and failure.
Execute a HEAD request. Takes a URL, parameters, and headers. See the post documentation for details on what is returned on success and failure.
Uploads a file saved on the device. Takes a URL, parameters, headers, filePath, and the name of the parameter to pass the file along as. See the post documentation for details on what is returned on success and failure.
cordova.plugin.http.uploadFile("https://google.com/", {
id: '12',
message: 'test'
}, { Authorization: 'OAuth2: token' }, 'file:///somepicture.jpg', 'picture', function(response) {
console.log(response.status);
}, function(response) {
console.error(response.error);
});
Downloads a file and saves it to the device. Takes a URL, parameters, headers, and a filePath. See post documentation for details on what is returned on failure. On success this function returns a cordova FileEntry object.
cordova.plugin.http.downloadFile("https://google.com/", {
id: '12',
message: 'test'
}, { Authorization: 'OAuth2: token' }, 'file:///somepicture.jpg', function(entry) {
// prints the filename
console.log(entry.name);
// prints the filePath
console.log(entry.fullPath);
}, function(response) {
console.error(response.error);
});
This plugin supports a very restricted set of functions on the browser platform. It's meant for testing purposes, not for production grade usage.
Following features are not supported:
- Manipulating Cookies
- Uploading and Downloading files
- Pinning SSL certificate
- Disabling SSL certificate check
- Disabling transparently following redirects (HTTP codes 3xx)
This plugin utilizes some awesome open source libraries:
- iOS - AFNetworking (MIT licensed)
- Android - http-request (MIT licensed)
- Cookie handling - tough-cookie (BSD-3-Clause licensed)
We made a few modifications to the networking libraries.
We've set up a separate document for our contribution guidelines.