Inspectopedia Help

Insecure HostnameVerifier

Insecure HostnameVerifier

This check looks for use of HostnameVerifier implementations whose verify method always returns true (thus trusting any hostname) which could result in insecure network traffic caused by trusting arbitrary hostnames in TLS/SSL certificates presented by peers.

Issue id: AllowAllHostnameVerifier

https://goo.gle/AllowAllHostnameVerifier

Inspection Details

Available in:

IntelliJ IDEA 2023.3, Qodana for Android 2023.3, Qodana for JVM 2023.3

Plugin:

Android, 2022.3.1 Beta 2

Last modified: 13 July 2023
Insecure Base Configuration Insecure TLS/SSL trust manager