summaryrefslogtreecommitdiff
path: root/core/java/android
diff options
context:
space:
mode:
authorJon Dormody <jond@google.com>2017-11-09 16:42:19 +0000
committerandroid-build-merger <android-build-merger@google.com>2017-11-09 16:42:19 +0000
commit5770dfd1e59bda47e093aabd5fe990d2f3860519 (patch)
tree5937315ecfc8eaba764b8adb23d8e32cad256809 /core/java/android
parentf7c0f2e6bfd97331f9d5653b383d705291d04c59 (diff)
parentd9696eb356320e8f4bce012f1803a60a08116a1b (diff)
Merge "Docs: Added a link to Updating Your Security Provider to Protect Against SSL Exploits" into oc-dev am: 459735662f am: 13e959bbec
am: d9696eb356 Change-Id: I616cd581d38cdae91c53b31325e08919efd92a8c
Diffstat (limited to 'core/java/android')
-rw-r--r--core/java/android/net/SSLCertificateSocketFactory.java7
1 files changed, 6 insertions, 1 deletions
diff --git a/core/java/android/net/SSLCertificateSocketFactory.java b/core/java/android/net/SSLCertificateSocketFactory.java
index 0b1569ca4ff5..4817813cab1b 100644
--- a/core/java/android/net/SSLCertificateSocketFactory.java
+++ b/core/java/android/net/SSLCertificateSocketFactory.java
@@ -63,7 +63,12 @@ import javax.net.ssl.X509TrustManager;
* This implementation does check the server's certificate hostname, but only
* for createSocket variants that specify a hostname. When using methods that
* use {@link InetAddress} or which return an unconnected socket, you MUST
- * verify the server's identity yourself to ensure a secure connection.</p>
+ * verify the server's identity yourself to ensure a secure connection.
+ *
+ * Refer to
+ * <a href="https://developer.android.com/training/articles/security-gms-provider.html">
+ * Updating Your Security Provider to Protect Against SSL Exploits</a>
+ * for further information.</p>
*
* <p>One way to verify the server's identity is to use
* {@link HttpsURLConnection#getDefaultHostnameVerifier()} to get a
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-03 16:24:38 +0000