我已经设置了从 Android 应用程序调用远程服务器到远程服务器的代码。这是代码:
private class DownloadWebPageTask extends AsyncTask<String, Void, String>
{
@Override
protected String doInBackground(String... theParams)
{
Log.d( "Inner class: " , "Doing stuff in background" );
String myUrl = theParams[0];
String myEmail = theParams[1];
String myPassword = theParams[2];
Log.d( "Inner myURL: " , myUrl );
Log.d( "myEmail: " , myEmail );
Log.d( "myPass: " , myPassword );
ArrayList<NameValuePair> postParameters = new ArrayList<NameValuePair>();
postParameters.add(new BasicNameValuePair("username", myEmail ));
postParameters.add(new BasicNameValuePair("password", myPassword ));
String response = "";
DefaultHttpClient client = new DefaultHttpClient();
HttpGet httpGet = new HttpGet(myUrl);
try
{
HttpResponse execute = client.execute(httpGet);
InputStream content = execute.getEntity().getContent();
BufferedReader buffer = new BufferedReader(
new InputStreamReader(content));
String s = "";
while ((s = buffer.readLine()) != null)
{
response += s;
}
Log.d( "After call, response: " , " " + response);
}
catch (Exception e)
{
Log.d( "Exception: " , "Yup");
e.printStackTrace();
}
return response;
}
@Override
protected void onPostExecute(String result)
{
Log.d( "Post execute: " , "In the post-execute method" );
//textView.setText(result);
if ( result != null && result == "Ok")
{
Log.d( "Post execute: " , "OKKKK :)" );
}
else
{
Log.d( "Post execute: " , "NOOOT OKKKK :)" );
}
}
这是一个要进行身份验证和登录的请求。正如您所见,我现在正在从用户那里收集登录名和密码,但不确定如何最好地将其附加到请求 URL。
我可以做类似 urlString + "?login=login&pass=pass 的事情,但我想知道在 Android 环境中是否有这样做的“良好实践”方式?另外,我的 url 不是 htpps - 是否有确保安全的方法?
谢谢!
最佳答案
这不安全。您的 URL 很可能通过未加密的几个跃点通过 Internet 传递。嗅探这些请求非常简单。最简单的方法是使用 HttpPost 在消息正文中发送此数据并使用 HTTPS。如果必须使用 HTTP,请尝试 digest authentication此处解释:how to use Digest authentication in android?
关于android - 将参数从 Android AsyncTask 发送到远程服务器,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/9439136/