Malformed JSON was received. #161
Labels
No Label
⌚ Major-release
⌚ Minor-release
⚔️ Wontfix
⚙️ CI
⛏️ Breaking
✨ Duplicate
❌ Invalid
❓ Question
❤️ Support
➡️ Frontport
➡️ Needs-frontport
🔙 Backport
💭 Brainstorming
🐛 Bug
🔭 Cannot-reproduce
🧺 Cleanup
🧾 Confirmed
💬 Discussion
📄 Documentation
🎯 Enhancement
🩹 External-dependecy
📱 F-droid
🎉 Feature
👋 Good-first-issue
🤾 Google-play
🔙 Has-backport
🚀 Improvement
🚨 Investigate
🌠 Long-term
🔙 Needs-backport
🧺 Needs-cleanup
📡 Needs-feedback
📈 Performance
📌 Priority-critical
📌 Priority-high
📍 Priority-low
📍 Priority-medium
🥑 Ready
🪒 Refactor
🔙 Regression
📸 Release
🔒 Security
💡 Suggestion
🧪 Testing
🌐 Translation
💻 UI/UX
🪜 Upstream
🟦 Website
🙇♂️ Needs-help
🛰️ API-dependency
🛡️ Blocked
🏗️ Build
🗒️ Changelog
🗄️ Repository
🗓️ Summary
No Milestone
No project
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: gitnex/GitNex#161
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Created By: @korrozive_bot
Description - describe the bug / feature / suggestion in brief :
Hello There
Thanks for this great app.
Unfortunately, every time I try login to my own Gitea server through Gitnex i get the following error:
Malformed JSON was received. Server response was not successful.
I'm using a self-signed certificate to use https communications so i think this could be the problem.
Expected behaviour - describe what should be the expected result :
Successful login message and redirection to the main page/feed in Gitnex app.
GitNex version : 2.1.3
Gitea version : 1.9.3
Android version : 9
Screenshots - if any:
Logs - if any :
@mmarif I think now its worth to add a subroutine wich checks the Instance bevore using it:
@korrozive_bot i think your your cert is the roblem ... I assume
"By default, Retrofit will not connect to the subdomains (e.g., https://expired.badssl.com/ with bad SSL certificates."
source: https://futurestud.io/tutorials/retrofit-2-how-to-trust-unsafe-ssl-certificates-self-signed-expired
Is your Instance public/private?
if public:
if private:
alow self-signed certificate as default is dangerous
Tested result: self-cert not falide!
@korrozive_bot
If you have Discord we can chat at:
[GitNex dev channel] https://discord.gg/eFTcvmp
It could be many things. If you want me to debug in detail, you could share the details in discord or email to gitnex@swatian.com your instance address and test account.
@mmarif I tested it -> it is because of self-cert
@6544 great to find the source cause.
I am still interested to find more details about it like is the cert expired?
Also if the instance is on internet, you can easily get free cert from letsencrypt. That will solve all your problems regarding the app and more trusted in browser.
@mmarif we could add a check to https://gitea.com/gitnex/GitNex/src/branch/master/app/src/main/java/org/mian/gitnex/activities/LoginActivity.java#L410
wich Toasty.info("
<if ssl cert error tell it to the user>
")Created By: @korrozive_bot
Hi @6543, thanks for your reply.
allow self-signed certificate as default is dangerous
I'm a noob but if you can validate sha256 and sha1 of the cert you can decide trust or not without need of an Authority.
I'm exposing my gitea server to internet using a reverse proxy from another computer (i have access but it isn't mine, also i don't want expose it to some exploits due a bad configuration in my gitea instance). I enabled https communication to avoid MITM attacks and a way to be sure i'm login in my gitea server.
Can Let's encrypt certify a web page that is offline the most part of the time?
Is there a way to get and check the ssl certificate and create the exception to connect through gitnext?.
Thanks in advance.
Was you able to catch the exact error from api?
@mmarif this is NO api error its an error from our HTTP(s) library! (Retrofit 2)
@korrozive_bot if your computer reachable from outside (to test use tor browser) via port 80 you can optain a letsencrypt cert it only has to be onlyne at validation
@6543 Yes, I mentioned it wrongly. Suppose to be Retrofit call. How did you check this? can you share the test instance so I can have solution to show at least some toast message.
@korrozive_bot yes, as mentioned you can get a cert if your instance is exposed to internet. Also it will be not a good thing to accept self signed certs. Android is not that strict in this regard but still it is not recommended.
Alternatively you can use just http.
Its a localhost instance so i cant :(
But I can provide you LOGs and a how to setup ... Discord
@korrozive_bot I'll close this for now due inactivery - if you still have proble with tis feel free to reopen
I hope this issue is somehow solved by either using http, https(valid ssl cert).
Closing it for now, please reopen if the issue is not solved.
Just for future ref, #316 if implemented will solve the self signed cert issue.