关于SO的类似主题是: HTTP digest authentication fail due to wrong nonce-count in iOS 10
它看起来更像是这里提到的症状: https://forums.developer.apple.com/thread/50617 但仍然没有答案。
我们使用AVPlayer执行摘要式身份验证,它可以在iOS 9上运行。
我们从Wireshark捕获的内容如下:
iOS9
GET /SD/TestContentsforAndroid/Fireworks.mp4 HTTP/1.1
Host: 192.168.40.1:8081
X-Playback-Session-Id: FE21C8D7-9603-4FDE-A648-7544440BD820
Range: bytes=0-1
Accept: */*
User-Agent: AppleCoreMedia/1.0.0.13A405 (iPhone; U; CPU OS 9_0_1 like Mac OS X; zh_tw)
Accept-Language: zh-tw
Accept-Encoding: identity
Connection: keep-alive
HTTP/1.1 401 Unauthorized
WWW-Authenticate: Digest realm="Drive", nonce="a56fa5b58b55f5d780fdc2e6232c64b2", qop="auth"
Content-Type: text/html
Content-Length: 351
Date: Wed, 16 Nov 2016 03:26:56 GMT
Server: lighttpd
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>401 - Unauthorized</title>
</head>
<body>
<h1>401 - Unauthorized</h1>
</body>
</html>
GET /SD/TestContentsforAndroid/Fireworks.mp4 HTTP/1.1
Host: 192.168.40.1:8081
Authorization: Digest username="admin", realm="Drive", nonce="a56fa5b58b55f5d780fdc2e6232c64b2", uri="/SD/TestContentsforAndroid/Fireworks.mp4", response="a98e31641aa3930d1eb907dcc9a17963", cnonce="afbc1d37b0fd1302948f8554b7400f30", nc=00000002, qop="auth"
X-Playback-Session-Id: FE21C8D7-9603-4FDE-A648-7544440BD820
Range: bytes=0-1
Accept: */*
User-Agent: AppleCoreMedia/1.0.0.13A405 (iPhone; U; CPU OS 9_0_1 like Mac OS X; zh_tw)
Accept-Language: zh-tw
Accept-Encoding: identity
Connection: keep-alive
HTTP/1.1 206 Partial Content
Content-Type: video/mpeg
Accept-Ranges: bytes
ETag: "1312277247"
Last-Modified: Thu, 31 Jan 2013 06:18:08 GMT
Content-Range: bytes 0-1/131067666
Content-Length: 2
Date: Wed, 16 Nov 2016 03:26:56 GMT
Server: lighttpd
....ftypmp42....isommp42....moov...lmvhd.....U5..U5....X....................................................@...................................iods.......O..)......trak...\tkhd....|%...U5.............................................................@........8.....[mdia... mdhd....|%...U5.........U......-hdlr........vide............VideoHandler.....minf....vmhd...............$dinf....dref............url ........stbl....stsd............avc1...........................8.H...H...............................................0avcC.d.(....gd.(.
这似乎遵循RFC标准, 但是在iOS 10.2 beta 3上
iOS10.2 beta 3
GET /SD/DemoData/TestContentsforAndroid/Fireworks.mp4 HTTP/1.1
Host: 192.168.40.1:8081
X-Playback-Session-Id: 82E92AFC-FC64-4142-AE04-A1E422B92E75
Range: bytes=0-1
Accept: */*
User-Agent: AppleCoreMedia/1.0.0.14C5077b (iPhone; U; CPU OS 10_2 like Mac OS X; zh_tw)
Accept-Language: zh-tw
Accept-Encoding: identity
Connection: keep-alive
HTTP/1.1 401 Unauthorized
WWW-Authenticate: Digest realm="Drive", nonce="a1c413ee966f67b1c8e0e44af227335c", qop="auth"
Content-Type: text/html
Content-Length: 351
Date: Wed, 16 Nov 2016 03:39:02 GMT
Server: lighttpd
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>401 - Unauthorized</title>
</head>
<body>
<h1>401 - Unauthorized</h1>
</body>
</html>
服务器在iOS 10上没有收到来自AVPlayer的任何进一步请求。
起初我认为由于错误的nonce-count导致它具有相同的根本原因, 但似乎有所不同。
顺便说一句,将auth方法更改为BASIC可以绕过问题,但它不能解决摘要问题。
任何人都面临同样的问题,并有其他想法解决方法? 我不知道Apple是否注意到了这一点。
更新:20170309
Apple的错误报告系统将我的报告更改为以下内容。
29381646 iOS10 +上的AVPlayer http摘要认证失败
状态:已关闭产品:
但是,似乎我没有权限访问29218533, 所以我现在无法跟踪Apple的实际回复。