| 12345678910111213141516171819202122232425262728293031323334353637383940 |
- // lib/data/datasources/remote/secure_http_client.dart
- import 'dart:io';
- import 'package:http/http.dart' as http;
- import 'package:http/io_client.dart' as http;
-
- class SecureHttpClient {
- static http.Client createSecureClient() {
- // 生产环境:严格的证书验证
- if (const bool.fromEnvironment('dart.vm.product')) {
- final securityContext = SecurityContext.defaultContext;
-
- // 你可以添加自定义根证书(如果需要)
- // securityContext.setTrustedCertificates('path/to/certificate.pem');
-
- final httpClient = HttpClient(context: securityContext);
-
- // 配置安全策略
- httpClient.badCertificateCallback =
- (X509Certificate cert, String host, int port) {
- // 生产环境严格验证
- return false; // 拒绝无效证书
- };
-
- return http.IOClient(httpClient);
- }
- // 开发环境:宽松的验证
- else {
- final httpClient = HttpClient();
-
- httpClient.badCertificateCallback =
- (X509Certificate cert, String host, int port) {
- // 开发环境允许自签名证书
- // print('警告:使用自签名证书 - $host:$port');
- return true;
- };
-
- return http.IOClient(httpClient);
- }
- }
- }
|
