TBA - Make sure third-party code is proxy safe
It looks like Picasso
(for image download and rendering) create connections that aren't proxy safe. There is other third party code that does this, as well, but we should never use leanplum
(telemetry). We should audit httpclientandroidlib
and confirm the connections are correctly proxying.
$ git grep -n openConnection\( mobile/android/thirdparty/
mobile/android/thirdparty/ch/boye/httpclientandroidlib/conn/ClientConnectionOperator.java:78: void openConnection(OperatedClientConnection conn,
mobile/android/thirdparty/ch/boye/httpclientandroidlib/impl/conn/DefaultClientConnectionOperator.java:144: public void openConnection(
mobile/android/thirdparty/ch/boye/httpclientandroidlib/impl/conn/ManagedClientConnectionImpl.java:304: this.operator.openConnection(
mobile/android/thirdparty/com/leanplum/internal/SocketIOClient.java:82: HttpURLConnection connection = (HttpURLConnection) url.openConnection();
mobile/android/thirdparty/com/leanplum/internal/Util.java:540: HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
mobile/android/thirdparty/com/squareup/picasso/UrlConnectionDownloader.java:46: protected HttpURLConnection openConnection(Uri path) throws IOException {
mobile/android/thirdparty/com/squareup/picasso/UrlConnectionDownloader.java:47: HttpURLConnection connection = (HttpURLConnection) new URL(path.toString()).openConnection();
mobile/android/thirdparty/com/squareup/picasso/UrlConnectionDownloader.java:58: HttpURLConnection connection = openConnection(uri);
This isn't the only offending method, we should audit these thoroughly.