You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cordova.apache.org by Shazron <sh...@gmail.com> on 2018/06/18 04:02:12 UTC
Android 4.4 support?
We keep seeing this failed Media test on Android 4.4:
https://github.com/apache/cordova-plugin-media/pull/166
I'm not sure of the state of our Android support, especially 4.4. Does
anyone have any pointers? Thanks
Re: Android 4.4 support?
Posted by Shazron <sh...@gmail.com>.
"We should consider KitKat 'abandoned'" w.r.t. the media plugin, not
Cordova...
On Tue, Jun 19, 2018 at 11:47 PM Shazron <sh...@gmail.com> wrote:
> Using http might fix the test, for sure - but I think we should move on to
> testing https only, as the new normal.
>
> Although this is through one major browser vendor (which dwarfs all others
> at 60% market share) -- the coming https-pocalypse later this year (see
> https://techcrunch.com/2018/02/08/chrome-will-soon-mark-all-unencrypted-pages-as-not-secure/)
> is the hammer coming for most sites. These sites will not want to lose any
> Google juice and it will be the new reality (sites might not want to
> change, but customers leaving will make that choice for them).
>
> Even if we keep testing for http, most sites will eventually redirect to
> https, and we would be back to square one with the failing tests. We should
> consider KitKat 'abandoned' since Google definitely won't be updating it
> with the latest security standard.
>
> Filed and resolved: https://issues.apache.org/jira/browse/CB-14146
>
>
>
>
> On Tue, Jun 19, 2018 at 5:43 PM julio cesar sanchez <
> jcesarmobile@gmail.com> wrote:
>
>> Why don't we just use http instead of https? shouldn't that fix the
>> problems too? or https is required in other platforms?
>>
>> 2018-06-19 11:32 GMT+02:00 Ken Naito <ke...@monaca.io>:
>>
>>> Hi Shazron,
>>>
>>> Thanks for the advice!
>>> I sent a new commit of PR, which removes some tests for Android 4.4.
>>>
>>> Ken Naito.
>>>
>>> On 2018/06/19 13:35, Shazron wrote:
>>>
>>>> Thanks Ken!
>>>> I think we should go for the simpler option, and log this as a new
>>>> issue that is known and out of our control. Android 4.4 (even though 10% of
>>>> the market) should not be a priority for us.
>>>>
>>>> On Tue, Jun 19, 2018 at 12:30 PM Ken Naito <ken@monaca.io <mailto:
>>>> ken@monaca.io>> wrote:
>>>>
>>>>
>>>> I have investigated the test failure for Android 4.4. For
>>>> cordova-plugin-media, the cause of the failure may be the SSL
>>>> handshake.
>>>>
>>>> The MediaPlayer in Android 4.4 can not connect to a modern SSL
>>>> server.
>>>> For example:
>>>> https://cordova.apache.org/downloads/BlueZedEx.mp3
>>>>
>>>> https://cordova-develop.github.io/cordova-plugin-media/res/BlueZedEx.mp3
>>>>
>>>> On the other hand, the MediaPlayer can connect to a standard SSL
>>>> server
>>>> like:
>>>> https://www.asial.co.jp/data_knaito/BlueZedEx.mp3
>>>>
>>>> I have checked the packet, and the available cipher suites of
>>>> Android
>>>> 4.4 are as follows:
>>>>
>>>> ECDHE-RSA-AES256-CBC-SHA
>>>> ECDHE-ECDSA-AES256-CBC-SHA
>>>> SRP-SHA-DSS-AES256-CBC-SHA
>>>> SRP-SHA-RSA-AES256-CBC-SHA
>>>> DHE-RSA-AES256-CBC-SHA
>>>> DHE-DSS-AES256-CBC-SHA
>>>> ECDH-RSA-AES256-CBC-SHA
>>>> ECDH-ECDSA-AES256-CBC-SHA
>>>> RSA-AES256-CBC-SHA
>>>> ECDHE-RSA-3DES-EDE-CBC-SHA
>>>> ECDHE-ECDSA-3DES-EDE-CBC-SHA
>>>> SRP-SHA-DSS-3DES-EDE-CBC-SHA
>>>> SRP-SHA-RSA-3DES-EDE-CBC-SHA
>>>> DHE-RSA-3DES-EDE-CBC-SHA
>>>> DHE-DSS-3DES-EDE-CBC-SHA
>>>> ECDH-RSA-3DES-EDE-CBC-SHA
>>>> ECDH-ECDSA-3DES-EDE-CBC-SHA
>>>> RSA-3DES-EDE-CBC-SHA
>>>> ECDHE-RSA-AES128-CBC-SHA
>>>> ECDHE-ECDSA-AES128-CBC-SHA
>>>> SRP-SHA-DSS-AES128-CBC-SHA
>>>> SRP-SHA-RSA-AES128-CBC-SHA
>>>> DHE-RSA-AES128-CBC-SHA
>>>> DHE-DSS-AES128-CBC-SHA
>>>> ECDH-RSA-AES128-CBC-SHA
>>>> ECDH-ECDSA-AES128-CBC-SHA
>>>> RSA-AES128-CBC-SHA
>>>> ECDHE-RSA-RC4-SHA
>>>> ECDHE-ECDSA-RC4-SHA
>>>> ECDH-RSA-RC4-SHA
>>>> ECDH-ECDSA-RC4-SHA
>>>> RSA-RC4-SHA
>>>> RSA-RC4-MD5
>>>>
>>>> Modern SSL servers may refuse these cipher suites.
>>>>
>>>> In order to resolve this issue, the mp3 file should be downloaded in
>>>> another way and then be played by MediaPlayer.
>>>> One way of downloading is using the okhttp library with a custom ssl
>>>> socket factory.
>>>>
>>>> However, the okhttp library is not included in the latest
>>>> cordova-android, and cordova-plugin-okhttp
>>>> (https://github.com/MobileChromeApps/cordova-plugin-okhttp) is too
>>>> old
>>>> and not maintained.
>>>>
>>>> I think that a new okhttp plugin should be created, and
>>>> cordova-plugin-media should depend on the new okhttp plugin in
>>>> order to
>>>> connect to a modern SSL server.
>>>>
>>>> Or, a more simple option is to specify that the MediaPlayer can not
>>>> connect modern SSL servers for Android 4.4, and remove the test of
>>>> playing streams for Android 4.4.
>>>>
>>>>
>>>> On 2018/06/18 13:02, Shazron wrote:
>>>> > We keep seeing this failed Media test on Android 4.4:
>>>> > https://github.com/apache/cordova-plugin-media/pull/166
>>>> >
>>>> > I'm not sure of the state of our Android support, especially
>>>> 4.4. Does
>>>> > anyone have any pointers? Thanks
>>>> >
>>>>
>>>>
>>>
>>
Re: Android 4.4 support?
Posted by Shazron <sh...@gmail.com>.
Using http might fix the test, for sure - but I think we should move on to
testing https only, as the new normal.
Although this is through one major browser vendor (which dwarfs all others
at 60% market share) -- the coming https-pocalypse later this year (see
https://techcrunch.com/2018/02/08/chrome-will-soon-mark-all-unencrypted-pages-as-not-secure/)
is the hammer coming for most sites. These sites will not want to lose any
Google juice and it will be the new reality (sites might not want to
change, but customers leaving will make that choice for them).
Even if we keep testing for http, most sites will eventually redirect to
https, and we would be back to square one with the failing tests. We should
consider KitKat 'abandoned' since Google definitely won't be updating it
with the latest security standard.
Filed and resolved: https://issues.apache.org/jira/browse/CB-14146
On Tue, Jun 19, 2018 at 5:43 PM julio cesar sanchez <jc...@gmail.com>
wrote:
> Why don't we just use http instead of https? shouldn't that fix the
> problems too? or https is required in other platforms?
>
> 2018-06-19 11:32 GMT+02:00 Ken Naito <ke...@monaca.io>:
>
>> Hi Shazron,
>>
>> Thanks for the advice!
>> I sent a new commit of PR, which removes some tests for Android 4.4.
>>
>> Ken Naito.
>>
>> On 2018/06/19 13:35, Shazron wrote:
>>
>>> Thanks Ken!
>>> I think we should go for the simpler option, and log this as a new issue
>>> that is known and out of our control. Android 4.4 (even though 10% of the
>>> market) should not be a priority for us.
>>>
>>> On Tue, Jun 19, 2018 at 12:30 PM Ken Naito <ken@monaca.io <mailto:
>>> ken@monaca.io>> wrote:
>>>
>>>
>>> I have investigated the test failure for Android 4.4. For
>>> cordova-plugin-media, the cause of the failure may be the SSL
>>> handshake.
>>>
>>> The MediaPlayer in Android 4.4 can not connect to a modern SSL
>>> server.
>>> For example:
>>> https://cordova.apache.org/downloads/BlueZedEx.mp3
>>>
>>> https://cordova-develop.github.io/cordova-plugin-media/res/BlueZedEx.mp3
>>>
>>> On the other hand, the MediaPlayer can connect to a standard SSL
>>> server
>>> like:
>>> https://www.asial.co.jp/data_knaito/BlueZedEx.mp3
>>>
>>> I have checked the packet, and the available cipher suites of Android
>>> 4.4 are as follows:
>>>
>>> ECDHE-RSA-AES256-CBC-SHA
>>> ECDHE-ECDSA-AES256-CBC-SHA
>>> SRP-SHA-DSS-AES256-CBC-SHA
>>> SRP-SHA-RSA-AES256-CBC-SHA
>>> DHE-RSA-AES256-CBC-SHA
>>> DHE-DSS-AES256-CBC-SHA
>>> ECDH-RSA-AES256-CBC-SHA
>>> ECDH-ECDSA-AES256-CBC-SHA
>>> RSA-AES256-CBC-SHA
>>> ECDHE-RSA-3DES-EDE-CBC-SHA
>>> ECDHE-ECDSA-3DES-EDE-CBC-SHA
>>> SRP-SHA-DSS-3DES-EDE-CBC-SHA
>>> SRP-SHA-RSA-3DES-EDE-CBC-SHA
>>> DHE-RSA-3DES-EDE-CBC-SHA
>>> DHE-DSS-3DES-EDE-CBC-SHA
>>> ECDH-RSA-3DES-EDE-CBC-SHA
>>> ECDH-ECDSA-3DES-EDE-CBC-SHA
>>> RSA-3DES-EDE-CBC-SHA
>>> ECDHE-RSA-AES128-CBC-SHA
>>> ECDHE-ECDSA-AES128-CBC-SHA
>>> SRP-SHA-DSS-AES128-CBC-SHA
>>> SRP-SHA-RSA-AES128-CBC-SHA
>>> DHE-RSA-AES128-CBC-SHA
>>> DHE-DSS-AES128-CBC-SHA
>>> ECDH-RSA-AES128-CBC-SHA
>>> ECDH-ECDSA-AES128-CBC-SHA
>>> RSA-AES128-CBC-SHA
>>> ECDHE-RSA-RC4-SHA
>>> ECDHE-ECDSA-RC4-SHA
>>> ECDH-RSA-RC4-SHA
>>> ECDH-ECDSA-RC4-SHA
>>> RSA-RC4-SHA
>>> RSA-RC4-MD5
>>>
>>> Modern SSL servers may refuse these cipher suites.
>>>
>>> In order to resolve this issue, the mp3 file should be downloaded in
>>> another way and then be played by MediaPlayer.
>>> One way of downloading is using the okhttp library with a custom ssl
>>> socket factory.
>>>
>>> However, the okhttp library is not included in the latest
>>> cordova-android, and cordova-plugin-okhttp
>>> (https://github.com/MobileChromeApps/cordova-plugin-okhttp) is too
>>> old
>>> and not maintained.
>>>
>>> I think that a new okhttp plugin should be created, and
>>> cordova-plugin-media should depend on the new okhttp plugin in
>>> order to
>>> connect to a modern SSL server.
>>>
>>> Or, a more simple option is to specify that the MediaPlayer can not
>>> connect modern SSL servers for Android 4.4, and remove the test of
>>> playing streams for Android 4.4.
>>>
>>>
>>> On 2018/06/18 13:02, Shazron wrote:
>>> > We keep seeing this failed Media test on Android 4.4:
>>> > https://github.com/apache/cordova-plugin-media/pull/166
>>> >
>>> > I'm not sure of the state of our Android support, especially
>>> 4.4. Does
>>> > anyone have any pointers? Thanks
>>> >
>>>
>>>
>>
>
Re: Android 4.4 support?
Posted by julio cesar sanchez <jc...@gmail.com>.
Why don't we just use http instead of https? shouldn't that fix the
problems too? or https is required in other platforms?
2018-06-19 11:32 GMT+02:00 Ken Naito <ke...@monaca.io>:
> Hi Shazron,
>
> Thanks for the advice!
> I sent a new commit of PR, which removes some tests for Android 4.4.
>
> Ken Naito.
>
> On 2018/06/19 13:35, Shazron wrote:
>
>> Thanks Ken!
>> I think we should go for the simpler option, and log this as a new issue
>> that is known and out of our control. Android 4.4 (even though 10% of the
>> market) should not be a priority for us.
>>
>> On Tue, Jun 19, 2018 at 12:30 PM Ken Naito <ken@monaca.io <mailto:
>> ken@monaca.io>> wrote:
>>
>>
>> I have investigated the test failure for Android 4.4. For
>> cordova-plugin-media, the cause of the failure may be the SSL
>> handshake.
>>
>> The MediaPlayer in Android 4.4 can not connect to a modern SSL
>> server.
>> For example:
>> https://cordova.apache.org/downloads/BlueZedEx.mp3
>> https://cordova-develop.github.io/cordova-plugin-media/res/
>> BlueZedEx.mp3
>>
>> On the other hand, the MediaPlayer can connect to a standard SSL
>> server
>> like:
>> https://www.asial.co.jp/data_knaito/BlueZedEx.mp3
>>
>> I have checked the packet, and the available cipher suites of Android
>> 4.4 are as follows:
>>
>> ECDHE-RSA-AES256-CBC-SHA
>> ECDHE-ECDSA-AES256-CBC-SHA
>> SRP-SHA-DSS-AES256-CBC-SHA
>> SRP-SHA-RSA-AES256-CBC-SHA
>> DHE-RSA-AES256-CBC-SHA
>> DHE-DSS-AES256-CBC-SHA
>> ECDH-RSA-AES256-CBC-SHA
>> ECDH-ECDSA-AES256-CBC-SHA
>> RSA-AES256-CBC-SHA
>> ECDHE-RSA-3DES-EDE-CBC-SHA
>> ECDHE-ECDSA-3DES-EDE-CBC-SHA
>> SRP-SHA-DSS-3DES-EDE-CBC-SHA
>> SRP-SHA-RSA-3DES-EDE-CBC-SHA
>> DHE-RSA-3DES-EDE-CBC-SHA
>> DHE-DSS-3DES-EDE-CBC-SHA
>> ECDH-RSA-3DES-EDE-CBC-SHA
>> ECDH-ECDSA-3DES-EDE-CBC-SHA
>> RSA-3DES-EDE-CBC-SHA
>> ECDHE-RSA-AES128-CBC-SHA
>> ECDHE-ECDSA-AES128-CBC-SHA
>> SRP-SHA-DSS-AES128-CBC-SHA
>> SRP-SHA-RSA-AES128-CBC-SHA
>> DHE-RSA-AES128-CBC-SHA
>> DHE-DSS-AES128-CBC-SHA
>> ECDH-RSA-AES128-CBC-SHA
>> ECDH-ECDSA-AES128-CBC-SHA
>> RSA-AES128-CBC-SHA
>> ECDHE-RSA-RC4-SHA
>> ECDHE-ECDSA-RC4-SHA
>> ECDH-RSA-RC4-SHA
>> ECDH-ECDSA-RC4-SHA
>> RSA-RC4-SHA
>> RSA-RC4-MD5
>>
>> Modern SSL servers may refuse these cipher suites.
>>
>> In order to resolve this issue, the mp3 file should be downloaded in
>> another way and then be played by MediaPlayer.
>> One way of downloading is using the okhttp library with a custom ssl
>> socket factory.
>>
>> However, the okhttp library is not included in the latest
>> cordova-android, and cordova-plugin-okhttp
>> (https://github.com/MobileChromeApps/cordova-plugin-okhttp) is too
>> old
>> and not maintained.
>>
>> I think that a new okhttp plugin should be created, and
>> cordova-plugin-media should depend on the new okhttp plugin in
>> order to
>> connect to a modern SSL server.
>>
>> Or, a more simple option is to specify that the MediaPlayer can not
>> connect modern SSL servers for Android 4.4, and remove the test of
>> playing streams for Android 4.4.
>>
>>
>> On 2018/06/18 13:02, Shazron wrote:
>> > We keep seeing this failed Media test on Android 4.4:
>> > https://github.com/apache/cordova-plugin-media/pull/166
>> >
>> > I'm not sure of the state of our Android support, especially
>> 4.4. Does
>> > anyone have any pointers? Thanks
>> >
>>
>>
>
Re: Android 4.4 support?
Posted by Ken Naito <ke...@monaca.io>.
Hi Shazron,
Thanks for the advice!
I sent a new commit of PR, which removes some tests for Android 4.4.
Ken Naito.
On 2018/06/19 13:35, Shazron wrote:
> Thanks Ken!
> I think we should go for the simpler option, and log this as a new
> issue that is known and out of our control. Android 4.4 (even though
> 10% of the market) should not be a priority for us.
>
> On Tue, Jun 19, 2018 at 12:30 PM Ken Naito <ken@monaca.io
> <ma...@monaca.io>> wrote:
>
>
> I have investigated the test failure for Android 4.4. For
> cordova-plugin-media, the cause of the failure may be the SSL
> handshake.
>
> The MediaPlayer in Android 4.4 can not connect to a modern SSL
> server.
> For example:
> https://cordova.apache.org/downloads/BlueZedEx.mp3
> https://cordova-develop.github.io/cordova-plugin-media/res/BlueZedEx.mp3
>
> On the other hand, the MediaPlayer can connect to a standard SSL
> server
> like:
> https://www.asial.co.jp/data_knaito/BlueZedEx.mp3
>
> I have checked the packet, and the available cipher suites of Android
> 4.4 are as follows:
>
> ECDHE-RSA-AES256-CBC-SHA
> ECDHE-ECDSA-AES256-CBC-SHA
> SRP-SHA-DSS-AES256-CBC-SHA
> SRP-SHA-RSA-AES256-CBC-SHA
> DHE-RSA-AES256-CBC-SHA
> DHE-DSS-AES256-CBC-SHA
> ECDH-RSA-AES256-CBC-SHA
> ECDH-ECDSA-AES256-CBC-SHA
> RSA-AES256-CBC-SHA
> ECDHE-RSA-3DES-EDE-CBC-SHA
> ECDHE-ECDSA-3DES-EDE-CBC-SHA
> SRP-SHA-DSS-3DES-EDE-CBC-SHA
> SRP-SHA-RSA-3DES-EDE-CBC-SHA
> DHE-RSA-3DES-EDE-CBC-SHA
> DHE-DSS-3DES-EDE-CBC-SHA
> ECDH-RSA-3DES-EDE-CBC-SHA
> ECDH-ECDSA-3DES-EDE-CBC-SHA
> RSA-3DES-EDE-CBC-SHA
> ECDHE-RSA-AES128-CBC-SHA
> ECDHE-ECDSA-AES128-CBC-SHA
> SRP-SHA-DSS-AES128-CBC-SHA
> SRP-SHA-RSA-AES128-CBC-SHA
> DHE-RSA-AES128-CBC-SHA
> DHE-DSS-AES128-CBC-SHA
> ECDH-RSA-AES128-CBC-SHA
> ECDH-ECDSA-AES128-CBC-SHA
> RSA-AES128-CBC-SHA
> ECDHE-RSA-RC4-SHA
> ECDHE-ECDSA-RC4-SHA
> ECDH-RSA-RC4-SHA
> ECDH-ECDSA-RC4-SHA
> RSA-RC4-SHA
> RSA-RC4-MD5
>
> Modern SSL servers may refuse these cipher suites.
>
> In order to resolve this issue, the mp3 file should be downloaded in
> another way and then be played by MediaPlayer.
> One way of downloading is using the okhttp library with a custom ssl
> socket factory.
>
> However, the okhttp library is not included in the latest
> cordova-android, and cordova-plugin-okhttp
> (https://github.com/MobileChromeApps/cordova-plugin-okhttp) is too
> old
> and not maintained.
>
> I think that a new okhttp plugin should be created, and
> cordova-plugin-media should depend on the new okhttp plugin in
> order to
> connect to a modern SSL server.
>
> Or, a more simple option is to specify that the MediaPlayer can not
> connect modern SSL servers for Android 4.4, and remove the test of
> playing streams for Android 4.4.
>
>
> On 2018/06/18 13:02, Shazron wrote:
> > We keep seeing this failed Media test on Android 4.4:
> > https://github.com/apache/cordova-plugin-media/pull/166
> >
> > I'm not sure of the state of our Android support, especially
> 4.4. Does
> > anyone have any pointers? Thanks
> >
>
Re: Android 4.4 support?
Posted by Shazron <sh...@gmail.com>.
Thanks Ken!
I think we should go for the simpler option, and log this as a new issue
that is known and out of our control. Android 4.4 (even though 10% of the
market) should not be a priority for us.
On Tue, Jun 19, 2018 at 12:30 PM Ken Naito <ke...@monaca.io> wrote:
>
> I have investigated the test failure for Android 4.4. For
> cordova-plugin-media, the cause of the failure may be the SSL handshake.
>
> The MediaPlayer in Android 4.4 can not connect to a modern SSL server.
> For example:
> https://cordova.apache.org/downloads/BlueZedEx.mp3
> https://cordova-develop.github.io/cordova-plugin-media/res/BlueZedEx.mp3
>
> On the other hand, the MediaPlayer can connect to a standard SSL server
> like:
> https://www.asial.co.jp/data_knaito/BlueZedEx.mp3
>
> I have checked the packet, and the available cipher suites of Android
> 4.4 are as follows:
>
> ECDHE-RSA-AES256-CBC-SHA
> ECDHE-ECDSA-AES256-CBC-SHA
> SRP-SHA-DSS-AES256-CBC-SHA
> SRP-SHA-RSA-AES256-CBC-SHA
> DHE-RSA-AES256-CBC-SHA
> DHE-DSS-AES256-CBC-SHA
> ECDH-RSA-AES256-CBC-SHA
> ECDH-ECDSA-AES256-CBC-SHA
> RSA-AES256-CBC-SHA
> ECDHE-RSA-3DES-EDE-CBC-SHA
> ECDHE-ECDSA-3DES-EDE-CBC-SHA
> SRP-SHA-DSS-3DES-EDE-CBC-SHA
> SRP-SHA-RSA-3DES-EDE-CBC-SHA
> DHE-RSA-3DES-EDE-CBC-SHA
> DHE-DSS-3DES-EDE-CBC-SHA
> ECDH-RSA-3DES-EDE-CBC-SHA
> ECDH-ECDSA-3DES-EDE-CBC-SHA
> RSA-3DES-EDE-CBC-SHA
> ECDHE-RSA-AES128-CBC-SHA
> ECDHE-ECDSA-AES128-CBC-SHA
> SRP-SHA-DSS-AES128-CBC-SHA
> SRP-SHA-RSA-AES128-CBC-SHA
> DHE-RSA-AES128-CBC-SHA
> DHE-DSS-AES128-CBC-SHA
> ECDH-RSA-AES128-CBC-SHA
> ECDH-ECDSA-AES128-CBC-SHA
> RSA-AES128-CBC-SHA
> ECDHE-RSA-RC4-SHA
> ECDHE-ECDSA-RC4-SHA
> ECDH-RSA-RC4-SHA
> ECDH-ECDSA-RC4-SHA
> RSA-RC4-SHA
> RSA-RC4-MD5
>
> Modern SSL servers may refuse these cipher suites.
>
> In order to resolve this issue, the mp3 file should be downloaded in
> another way and then be played by MediaPlayer.
> One way of downloading is using the okhttp library with a custom ssl
> socket factory.
>
> However, the okhttp library is not included in the latest
> cordova-android, and cordova-plugin-okhttp
> (https://github.com/MobileChromeApps/cordova-plugin-okhttp) is too old
> and not maintained.
>
> I think that a new okhttp plugin should be created, and
> cordova-plugin-media should depend on the new okhttp plugin in order to
> connect to a modern SSL server.
>
> Or, a more simple option is to specify that the MediaPlayer can not
> connect modern SSL servers for Android 4.4, and remove the test of
> playing streams for Android 4.4.
>
>
> On 2018/06/18 13:02, Shazron wrote:
> > We keep seeing this failed Media test on Android 4.4:
> > https://github.com/apache/cordova-plugin-media/pull/166
> >
> > I'm not sure of the state of our Android support, especially 4.4. Does
> > anyone have any pointers? Thanks
> >
>
>
Re: Android 4.4 support?
Posted by Ken Naito <ke...@monaca.io>.
I have investigated the test failure for Android 4.4. For
cordova-plugin-media, the cause of the failure may be the SSL handshake.
The MediaPlayer in Android 4.4 can not connect to a modern SSL server.
For example:
https://cordova.apache.org/downloads/BlueZedEx.mp3
https://cordova-develop.github.io/cordova-plugin-media/res/BlueZedEx.mp3
On the other hand, the MediaPlayer can connect to a standard SSL server
like:
https://www.asial.co.jp/data_knaito/BlueZedEx.mp3
I have checked the packet, and the available cipher suites of Android
4.4 are as follows:
ECDHE-RSA-AES256-CBC-SHA
ECDHE-ECDSA-AES256-CBC-SHA
SRP-SHA-DSS-AES256-CBC-SHA
SRP-SHA-RSA-AES256-CBC-SHA
DHE-RSA-AES256-CBC-SHA
DHE-DSS-AES256-CBC-SHA
ECDH-RSA-AES256-CBC-SHA
ECDH-ECDSA-AES256-CBC-SHA
RSA-AES256-CBC-SHA
ECDHE-RSA-3DES-EDE-CBC-SHA
ECDHE-ECDSA-3DES-EDE-CBC-SHA
SRP-SHA-DSS-3DES-EDE-CBC-SHA
SRP-SHA-RSA-3DES-EDE-CBC-SHA
DHE-RSA-3DES-EDE-CBC-SHA
DHE-DSS-3DES-EDE-CBC-SHA
ECDH-RSA-3DES-EDE-CBC-SHA
ECDH-ECDSA-3DES-EDE-CBC-SHA
RSA-3DES-EDE-CBC-SHA
ECDHE-RSA-AES128-CBC-SHA
ECDHE-ECDSA-AES128-CBC-SHA
SRP-SHA-DSS-AES128-CBC-SHA
SRP-SHA-RSA-AES128-CBC-SHA
DHE-RSA-AES128-CBC-SHA
DHE-DSS-AES128-CBC-SHA
ECDH-RSA-AES128-CBC-SHA
ECDH-ECDSA-AES128-CBC-SHA
RSA-AES128-CBC-SHA
ECDHE-RSA-RC4-SHA
ECDHE-ECDSA-RC4-SHA
ECDH-RSA-RC4-SHA
ECDH-ECDSA-RC4-SHA
RSA-RC4-SHA
RSA-RC4-MD5
Modern SSL servers may refuse these cipher suites.
In order to resolve this issue, the mp3 file should be downloaded in
another way and then be played by MediaPlayer.
One way of downloading is using the okhttp library with a custom ssl
socket factory.
However, the okhttp library is not included in the latest
cordova-android, and cordova-plugin-okhttp
(https://github.com/MobileChromeApps/cordova-plugin-okhttp) is too old
and not maintained.
I think that a new okhttp plugin should be created, and
cordova-plugin-media should depend on the new okhttp plugin in order to
connect to a modern SSL server.
Or, a more simple option is to specify that the MediaPlayer can not
connect modern SSL servers for Android 4.4, and remove the test of
playing streams for Android 4.4.
On 2018/06/18 13:02, Shazron wrote:
> We keep seeing this failed Media test on Android 4.4:
> https://github.com/apache/cordova-plugin-media/pull/166
>
> I'm not sure of the state of our Android support, especially 4.4. Does
> anyone have any pointers? Thanks
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
For additional commands, e-mail: dev-help@cordova.apache.org
Re: Android 4.4 support?
Posted by julio cesar sanchez <jc...@gmail.com>.
Yeah, we official dropped support of SDK < 19 on cordova-android 7.x.x, so
we still support Android 4.4.
I think we can merge that and create a new issue for Android 4.4 tests,
media tests has been broken for a long time, so hard to tell if that
failure is related to the changes or not, but at least the rest of Android
versions pass now.
2018-06-18 7:03 GMT+02:00 Darryl Pogue <dv...@gmail.com>:
> Speaking as a Cordova user, Android 4.4 still accounts for an
> agonizing 10.3% of devices (as of May 2018)[1] and our company's apps
> are still required to support it.
>
> I can't speak to the media plugin, since I've never used it, but I can
> confirm that the latest cordova-android still supports 4.4 albeit as
> the lowest supported version.
>
> [1] https://developer.android.com/about/dashboards/
>
> On Sun, Jun 17, 2018 at 9:02 PM Shazron <sh...@gmail.com> wrote:
> >
> > We keep seeing this failed Media test on Android 4.4:
> > https://github.com/apache/cordova-plugin-media/pull/166
> >
> > I'm not sure of the state of our Android support, especially 4.4. Does
> > anyone have any pointers? Thanks
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> For additional commands, e-mail: dev-help@cordova.apache.org
>
>
Re: Android 4.4 support?
Posted by Darryl Pogue <dv...@gmail.com>.
Speaking as a Cordova user, Android 4.4 still accounts for an
agonizing 10.3% of devices (as of May 2018)[1] and our company's apps
are still required to support it.
I can't speak to the media plugin, since I've never used it, but I can
confirm that the latest cordova-android still supports 4.4 albeit as
the lowest supported version.
[1] https://developer.android.com/about/dashboards/
On Sun, Jun 17, 2018 at 9:02 PM Shazron <sh...@gmail.com> wrote:
>
> We keep seeing this failed Media test on Android 4.4:
> https://github.com/apache/cordova-plugin-media/pull/166
>
> I'm not sure of the state of our Android support, especially 4.4. Does
> anyone have any pointers? Thanks
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
For additional commands, e-mail: dev-help@cordova.apache.org