我想发布一些有SSL问题的网络服务。 我使用了以下方法:
NSURLConnection * urlConnection = [[NSURLConnection alloc] initWithRequest:request delegate:self startImmediately:YES];
它应该立即开始发送已在请求中设置的数据; 但服务存在安全问题,但无法正常运行。但是我想发送数据并想忽略安全问题;所以我使用了NSURLConnectionDelegate的以下方法:
- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace {
return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
[challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
[challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}
但他们已被弃用。如何处理安全问题并告诉他将数据传递给Web服务而不考虑它?
答案 0 :(得分:1)
你应该像这样使用willSendRequestForAuthenticationChallenge。
- (void)connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
self.challenge = challenge;
[self askUserAcceptSSLError];
}
- (void)askUserAcceptSSLError
{
// Ask user like UIAlertView or so.
// Put these responses in UIAlertView delegate ...
// If User accepts (or force this if you want ignore SSL certificate errors):
[[self.challenge sender]
useCredential:[NSURLCredential credentialForTrust:self.challenge.protectionSpace.serverTrust]
forAuthenticationChallenge:self.challenge];
[[self.challenge sender] continueWithoutCredentialForAuthenticationChallenge:self.challenge];
// If User deny request:
[[self.challenge sender] cancelAuthenticationChallenge:self.challenge];
}