HttpClientHandler.DangerousAcceptAnyServerCertificateValidator 屬性
定義
重要
部分資訊涉及發行前產品,在發行之前可能會有大幅修改。 Microsoft 對此處提供的資訊,不做任何明確或隱含的瑕疵擔保。
會獲得一個快取代理,且總是回傳 true。
public:
static property Func<System::Net::Http::HttpRequestMessage ^, System::Security::Cryptography::X509Certificates::X509Certificate2 ^, System::Security::Cryptography::X509Certificates::X509Chain ^, System::Net::Security::SslPolicyErrors, bool> ^ DangerousAcceptAnyServerCertificateValidator { Func<System::Net::Http::HttpRequestMessage ^, System::Security::Cryptography::X509Certificates::X509Certificate2 ^, System::Security::Cryptography::X509Certificates::X509Chain ^, System::Net::Security::SslPolicyErrors, bool> ^ get(); };[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public static Func<System.Net.Http.HttpRequestMessage,System.Security.Cryptography.X509Certificates.X509Certificate2?,System.Security.Cryptography.X509Certificates.X509Chain?,System.Net.Security.SslPolicyErrors,bool> DangerousAcceptAnyServerCertificateValidator { get; }public static Func<System.Net.Http.HttpRequestMessage,System.Security.Cryptography.X509Certificates.X509Certificate2?,System.Security.Cryptography.X509Certificates.X509Chain?,System.Net.Security.SslPolicyErrors,bool> DangerousAcceptAnyServerCertificateValidator { get; }public static Func<System.Net.Http.HttpRequestMessage,System.Security.Cryptography.X509Certificates.X509Certificate2,System.Security.Cryptography.X509Certificates.X509Chain,System.Net.Security.SslPolicyErrors,bool> DangerousAcceptAnyServerCertificateValidator { get; }[<System.Runtime.Versioning.UnsupportedOSPlatform("browser")>]
static member DangerousAcceptAnyServerCertificateValidator : Func<System.Net.Http.HttpRequestMessage, System.Security.Cryptography.X509Certificates.X509Certificate2, System.Security.Cryptography.X509Certificates.X509Chain, System.Net.Security.SslPolicyErrors, bool>static member DangerousAcceptAnyServerCertificateValidator : Func<System.Net.Http.HttpRequestMessage, System.Security.Cryptography.X509Certificates.X509Certificate2, System.Security.Cryptography.X509Certificates.X509Chain, System.Net.Security.SslPolicyErrors, bool>Public Shared ReadOnly Property DangerousAcceptAnyServerCertificateValidator As Func(Of HttpRequestMessage, X509Certificate2, X509Chain, SslPolicyErrors, Boolean)屬性值
一個快取的代理,總是回傳 true。
- 屬性
備註
特別是在測試情境中,常見的模式是 HttpClient 用不應該驗證的憑證(如自簽憑證)連接到伺服器。 你通常 HttpClientHandler 會將屬性設定 ServerCertificateCustomValidationCallback 為一個總是回傳 True的代理;這表示憑證已通過驗證。 然而,並非所有實作都支援此回調,有些實作會拋出 PlatformNotSupportedException。
該 DangerousAcceptAnyServerCertificateValidator 物業針對此限制進行了解決。 屬性返回 DangerousAcceptAnyServerCertificateValidator 的代理可以被指派到該 ServerCertificateCustomValidationCallback 屬性,如下範例所示:
handler.ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
這為實作提供了 HttpClientHandler 一個已知的物件參考身份,以表達開發者的意圖。 如果屬性中 ServerCertificateCustomValidationCallback 儲存的物件參考值等於 DangerousAcceptAnyServerCertificateValidator,執行時就能完全停用平台上的驗證,否則會拋出 PlatformNotSupportedException。
作為額外好處,開發者可以利用此特性讓工具更容易標示禁用憑證驗證的危險,從而避免發佈不安全的應用程式。
