您的位置:首页 > 移动开发

允许未经证实的SSL证书中的UIWebView

2013-11-28 23:33 239 查看 

I'm embedding a website in a UIWebView.我的网站嵌入在一个UIWebView。 During
development I have it pointed at localhost.在发展过程中,我已经指出在localhost。The problem is that whenever it hits a "https://" url it doesn't
load.现在的问题是,它击中一个“https://”开头的网址时,它不会加载。 When I load the url in mobile safari I get this popup:当我移动Safari浏览器中的URL,我得到这个弹出:



Is there a way to override this with the UIWebView to allow the unverified url?有没有办法覆盖的UIWebView允许未验证的URL吗?

来源:http://stackoverflow.com/questions/8858674/allow-unverified-ssl-certificate-in-uiwebview

If it's just for testing during development you can create a category on NSURLRequest and override the following private method:如果它只是用于测试在开发过程中,您可以创建一个类NSURLRequest覆盖下面的私有方法:
@interface NSURLRequest (NSURLRequestWithIgnoreSSL)

+(BOOL)allowsAnyHTTPSCertificateForHost:(NSString*)host;
 [/code]
@end

@implementation NSURLRequest (NSURLRequestWithIgnoreSSL)

+(BOOL)allowsAnyHTTPSCertificateForHost:(NSString*)host

{

return YES;

} @end
 [/code]

Just remember to remove it before you submit the app, or Apple will reject it for private API violation.只要记住将其删除,然后再提交的应用程序,苹果将拒绝为私有API违反。

There's a way to do this legally (by App Store laws at least).有一个合法的方式来做到这一点(至少App Store的法律)。 When
you use the NSURLConnection there are 2 methods that can be used to allow self-signed SSL certificates to be used:当您使用NSURLConnection的,可以被用来允许使用自签名SSL证书的有2种方法:

How
to use NSURLConnection to connect with SSL for an untrusted cert? 如何使用NSURLConnection的与SSL连接为一个不受信任的证书吗?

If you implement UIWebViewDelegate use the如果你实现UIWebViewDelegate使用
[code]- (BOOL)webView:(UIWebView *)webView shouldStartLoadWithRequest:(NSURLRequest *)request navigationType:(UIWebViewNavigationType)navigationType;
 [/code]

Return NO to this so that the WebView doesn't load on its own.不返回任何这样的WebView不加载自己的。 Then
construct an NSURLConnection (which can be used with unsigned certificates via the above link).然后构建一个NSURLConnection(可以使用未签名的证书,通过上面的链接)。

Of course the usual SSL recommendations apply here:当然,通常的SSL建议适用于在这里:

-Don't use an unsigned cert on production servers! - 不要在生产服务器上使用未签名的证书!

-Always surface a warning letting your user decide whether to accept the cert or not.总是面让用户决定是否接受该证书或警告。


                                            

                                        

                        
                        内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息 
                    

                    

                    

                        

                         标签: 
                                                

                        

                    


                

            


            

                
相关文章推荐

                

                
            

        

        

            

            
            

                

                    
新的分享

                    

                        
                    

                

            


            

                

                    
章节导航