Loading specific HTTPS web application in Android webview

Issue

I am trying to load the web application https://waveswallet.io which is a blockchain wallet app on an android webview, all my attempts failed.

I've tried all the different methods mentioned on stack for https sites but the application refuses to loads on the webview, though working fine with any chrome or firefox browser.

here is the code that I've used so far.

mWebView =(WebView)findViewById(R.id.webview);
mWebView.getSettings().setJavaScriptEnabled(true);
mWebView.getSettings().setDomStorageEnabled(true);
mWebView.getSettings().setAppCacheEnabled(true);
mWebView.getSettings().setJavaScriptCanOpenWindowsAutomatically(true);
mWebView.getSettings().setCacheMode(WebSettings.LOAD_DEFAULT);
mWebView.loadUrl("https://waveswallet.io");
mWebView.setWebChromeClient(new WebChromeClient());
mWebView.setWebViewClient(new WebViewClient());

Solution

Use below code to WebViewClient and handle the onReceivedSslError method:

mWebView.setWebViewClient(new WebViewClient() {

            @Override
            public void onReceivedSslError(WebView view, final SslErrorHandler handler, SslError error){
                final AlertDialog.Builder builder = new AlertDialog.Builder(view.getContext());
                String message = "SSL Certificate error.";
                switch (error.getPrimaryError()) {
                    case SslError.SSL_UNTRUSTED:
                        message = "The certificate authority is not trusted.";
                        break;
                    case SslError.SSL_EXPIRED:
                        message = "The certificate has expired.";
                        break;
                    case SslError.SSL_IDMISMATCH:
                        message = "The certificate Hostname mismatch.";
                        break;
                    case SslError.SSL_NOTYETVALID:
                        message = "The certificate is not yet valid.";
                        break;
                    case SslError.SSL_DATE_INVALID:
                        message = "The date of the certificate is invalid.";
                        break;
                    case SslError.SSL_INVALID:
                        message = "A generic error occurred.";
                        break;
                    case SslError.SSL_MAX_ERROR:
                        message = "Unknown error occurred.";
                        break;
                }
                message += " Do you want to continue anyway?";

                builder.setTitle("SSL Certificate Error");
                builder.setMessage(message);
                builder.setPositiveButton("Continue", new DialogInterface.OnClickListener() {
                    @Override
                    public void onClick(DialogInterface dialog, int which) {
                        handler.proceed();
                    }
                });
                builder.setNegativeButton("Cancel", new DialogInterface.OnClickListener() {
                    @Override
                    public void onClick(DialogInterface dialog, int which) {
                        handler.cancel();
                    }
                });
                final AlertDialog dialog = builder.create();
                dialog.show();
            }
        });

And Move this line to the last line of code and after above code:

mWebView.loadUrl("https://waveswallet.io");

UPDATED COMPLETE CODE:

    StrictMode.ThreadPolicy policy = new StrictMode.ThreadPolicy.Builder().permitAll().build();
    StrictMode.setThreadPolicy(policy);

    CookieManager.getInstance().setAcceptCookie(true);
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) {
            // If Android 6.0+ i must add support for Third Party Cookies
            CookieManager.getInstance().setAcceptThirdPartyCookies(sourceWebView, true);
        }
        mWebView.getSettings().setPluginState(WebSettings.PluginState.ON);
      mWebView.getSettings().setJavaScriptCanOpenWindowsAutomatically(false);
        //mWebView.getSettings().setPluginsEnabled(true);
        mWebView.getSettings().setSupportMultipleWindows(false);
        mWebView.getSettings().setSupportZoom(true);
        mWebView.setVerticalScrollBarEnabled(true);
        mWebView.setHorizontalScrollBarEnabled(true);
        mWebView.getSettings().setBuiltInZoomControls(true);
        mWebView.getSettings().setLoadWithOverviewMode(true);
        mWebView.getSettings().setUseWideViewPort(true);
        mWebView.getSettings().setUserAgentString("Android WebView");
        mWebView.getSettings().setDomStorageEnabled(true);
        mWebView.getSettings().setCacheMode(WebSettings.LOAD_DEFAULT);
        mWebView.getSettings().setJavaScriptEnabled(true);
        mWebView.addJavascriptInterface(this, "Android");// add this only if required. Vulnerable to mitm attacks.
        mWebView.getSettings().setLoadsImagesAutomatically(true);
        mWebView.getSettings().setAppCacheEnabled(true);
        mWebView.getSettings().setAllowFileAccess(true);
        mWebView.getSettings().setLoadWithOverviewMode(true);
        mWebView.setWebChromeClient(new WebChromeClient());
        mWebView.setWebViewClient(new WebViewClient());// use as above to handle ssl errors
        mWebView.loadUrl("https://waveswallet.io");

OUTPUT SCREENSHOTS

Device 1 - Moto E3 Power [Android Marshmallow 6.0, API level 23]

Device 2 - Samsung Galaxy S8 [Android Nougat 7.0, API level 24]

Device 3 - One Plus Five [Android Oreo 8.0.0, API level 26]

I hope this will solve your problem. As it is problem with your SSL Certificate on the website.

Answered By - Amrut Bidri