summaryrefslogtreecommitdiff
path: root/core/java/android
diff options
context:
space:
mode:
authorJon Dormody <jond@google.com>2017-11-09 16:58:09 +0000
committerandroid-build-merger <android-build-merger@google.com>2017-11-09 16:58:09 +0000
commitdf7f15e7d845f87b777d80d062a91fca2e2e4a0a (patch)
tree9a56aedca339737164f1e7b02a0eb9cf51460b01 /core/java/android
parentfde6ea8d29da5f9c6b321df64c8f0722d1173586 (diff)
parent5770dfd1e59bda47e093aabd5fe990d2f3860519 (diff)
Merge "Docs: Added a link to Updating Your Security Provider to Protect Against SSL Exploits" into oc-dev am: 459735662f am: 13e959bbec am: d9696eb356
am: 5770dfd1e5 Change-Id: Ide1714d289c756891cbfd63db1eb549d4aa0dfbc
Diffstat (limited to 'core/java/android')
-rw-r--r--core/java/android/net/SSLCertificateSocketFactory.java7
1 files changed, 6 insertions, 1 deletions
diff --git a/core/java/android/net/SSLCertificateSocketFactory.java b/core/java/android/net/SSLCertificateSocketFactory.java
index 0b1569ca4ff5..4817813cab1b 100644
--- a/core/java/android/net/SSLCertificateSocketFactory.java
+++ b/core/java/android/net/SSLCertificateSocketFactory.java
@@ -63,7 +63,12 @@ import javax.net.ssl.X509TrustManager;
* This implementation does check the server's certificate hostname, but only
* for createSocket variants that specify a hostname. When using methods that
* use {@link InetAddress} or which return an unconnected socket, you MUST
- * verify the server's identity yourself to ensure a secure connection.</p>
+ * verify the server's identity yourself to ensure a secure connection.
+ *
+ * Refer to
+ * <a href="https://developer.android.com/training/articles/security-gms-provider.html">
+ * Updating Your Security Provider to Protect Against SSL Exploits</a>
+ * for further information.</p>
*
* <p>One way to verify the server's identity is to use
* {@link HttpsURLConnection#getDefaultHostnameVerifier()} to get a
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-04 03:57:01 +0000