If a user attempts to load a https web page in Mobile Safari and the server's certificate validation check fails (its expired, revoked, self-signed etc.) then the user is presented is presented with a warning message and asked if they want to continue or not.

Similarly NSURLConnection offers the ability for the implementator to decide firstly how to check the certificate and then decide how to proceed if it fails, so in this situation too it would be possible to display a warning to the user and offer them the opportunity to continue loading the page or not.

However it seems when loading a https page in UIWebView that fails a certificate check the behaviour is just to fail to load the page - didFailLoadWithError: gets called with kCFURLErrorServerCertificateUntrusted however nothing gets displayed to the user.

This is inconsistent - surely the UIWebView behaviour should behave in a similar way to Safari to be consistent within iPhone itself? Its also a daft that NSURLConnection allows total flexibility with this yet NSURLRequest:setAllowsAnyHTTPSCertificate is private.

Is there anyway to implement behaviour which is consistent with Safari, can this default behavior be customized in a similar way to NSURLConnection allows?

Cheers

P.S. Please refrain from getting into patronizing side discussions about why would anybody want to do this, thank you very much.

I found out how to do this:

1) When the page is loaded it will fail, thus add something like the following to didFailLoadWithError:

- (void)webView:(UIWebView *)webView didFailLoadWithError:(NSError *)error
if ([error.domain isEqualToString: NSURLErrorDomain])
{
if (error.code == kCFURLErrorServerCertificateHasBadDate ||
error.code == kCFURLErrorServerCertificateUntrusted ||
error.code == kCFURLErrorServerCertificateHasUnknownRoot ||
error.code == kCFURLErrorServerCertificateNotYetValid)
{
display dialog to user telling them what happened and if they want to proceed

2) If the user wants to load the page then you need to connect using an NSURLConnection:

NSURLRequest *requestObj = [NSURLRequest requestWithURL:self.currentURL     cachePolicy:NSURLRequestReturnCacheDataElseLoad timeoutInterval:10.0];
self.loadingUnvalidatedHTTPSPage = YES;
[self.webView loadRequest:requestObj];

3) Then make this change to shouldStartLoadWithRequest

- (BOOL)webView:(UIWebView *)webView shouldStartLoadWithRequest:(NSURLRequest *)request navigationType:(UIWebViewNavigationType)navigationType
{
if (self.loadingUnvalidatedHTTPSPage)
{
self.connection = [[NSURLConnection alloc] initWithRequest:request delegate:self];
[self.connection start];
return NO;
}

4) Implement the NSURLConnectionDelegate as:

- (void)connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
SecTrustRef trust = challenge.protectionSpace.serverTrust;
NSURLCredential *cred;
cred = [NSURLCredential credentialForTrust:trust];
[challenge.sender useCredential:cred forAuthenticationChallenge:challenge];
} - (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response;
{
NSURLRequest *requestObj = [NSURLRequest requestWithURL:self.currentURL cachePolicy:NSURLRequestReturnCacheDataElseLoad timeoutInterval:10.0];
self.loadingUnvalidatedHTTPSPage = NO;
[self.webView loadRequest: requestObj];
[self.connection cancel];
}

It all seems to work fine.

Has anybody found a way to load HTTPS pages with an invalid server certificate using UIWebView?的更多相关文章

  1. Load balancer does not have available server for client

    最近在研究spring-cloud,研究zuul组件时发生下列错误: Caused by: com.netflix.client.ClientException: Load balancer does ...

  2. load balancer does not have available server for client: provider

    Ask Question up vote6down votefavorite 4 I'm trying to use Feign client. Below is my feing client: i ...

  3. Feign报错Caused by: com.netflix.client.ClientException: Load balancer does not have available server for client

    问题描述 使用Feign调用微服务接口报错,如下: java.lang.RuntimeException: com.netflix.client.ClientException: Load balan ...

  4. InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised.解决办法

    最近使用requests进行get请求的时候,控制台输出如下错误. InsecureRequestWarning: Unverified HTTPS request is being made. Ad ...

  5. com.netflix.client.ClientException: Load balancer does not have available server for client xxxx

    版本 spring boot: 2.0.1.RELEASE spring cloud: Finchley.M9 错误 通过zuul调用eureka注册的服务,错误内容如下 Caused by: com ...

  6. SVN 错误:Error validating server certificate for 'https://xxxxxxx':443... Mac os svn客户端证书验证缓存 解决

    mac上的SVN今天突然间 不好使了 在进行SVN操作是报出警告信息 Error validating server certificate for 'https://xxxxxxx':443 - T ...

  7. java.lang.RuntimeException: com.netflix.client.ClientException: Load balancer does not have available server for client: service-one

    一.异常信息 java.lang.RuntimeException: com.netflix.client.ClientException: Load balancer does not have a ...

  8. InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings In

    InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is s ...

  9. sass_安装问题(ERROR: Could not find a valid gem 'sass' (>= 0), here is why: Unable to download data from https://rubygems.org/ - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: cert)

    安装sass前需安装ruby 安装好ruby好打开命令行,输入 gem install sass 出现错误: ERROR: Could not find a valid gem 'sass' (> ...

随机推荐

  1. static_cast AND dynamic_cast

    类型转换是一种机制,让程序员能够暂时或永久性改变编译器对对象的解释.注意,这并不意味着程序员改变了对象本身,而只是改变了对对象的解释. 在很多情况下,类型转换是合理的需求,可解决重要的兼容问题.因此, ...

  2. hdu1576逆元的一道水题

    hdu 1576 Problem Description 要求(A/B)%9973,但由于A很大,我们只给出n(n=A%9973)(我们给定的A必能被B整除,且gcd(B,9973) = 1).   ...

  3. thinkPHP判断是否修改成功

    thinkPHP中使用save方法来更新数据的save方法的正常执行时返回值是影响的记录数,出错时返回false,返回为0和返回false在很多业务场景下都是不同的. 而当修改的内容和原有内容一致的时 ...

  4. BZOJ2157 旅游 【树剖 或 LCT】

    题目 Ray 乐忠于旅游,这次他来到了T 城.T 城是一个水上城市,一共有 N 个景点,有些景点之间会用一座桥连接.为了方便游客到达每个景点但又为了节约成本,T 城的任意两个景点之间有且只有一条路径. ...

  5. jquery.jbox JBox-v2.3修改版

    原版jquery.jbox是个不错的jquery扩展,使用简单,功能很多.可惜的是作者把javascript加密了,并且2011年以后就不再更新.如果项目中用到了新的jquery版本,甚至jbox就没 ...

  6. 《c程序设计语言》读书笔记-5.5-指针实现strncpy,strncat,strncmp

    #include <stdio.h> #include <math.h> #include <stdlib.h> #include <string.h> ...

  7. bzoj 3379 - [USACO2004] 交作业

    Description 一个数轴上有 \(n \le 1000\) 个位置, 每个位置有一个时间 \(t_i\) 要求在 时刻 \(t_i\) 后, 至少经过该位置一次. (去交作业) 求从 \(0\ ...

  8. 51Nod 1317 相似字符串对

    题目链接 分析: 考虑两个串的关系:$A+C=C+B$,我们观察可以发现,$A$和$B$是循环同构的,如果$A=G+H$,那么$B=H+G$,证明略长懒得写了... 我们知道$A$串有$K^N$种,所 ...

  9. javascript jquery document.ready window.onload

    网易 博客 下载LOFTER客户端 注册登录  加关注 凡图的编程之路 2012年7月从一个编程新手的点点滴滴 首页 日志 LOFTER 相册 博友 关于我     日志       关于我 Holy ...

  10. haskell处理JSON(aeson)

    aeson是haskell的一个库,其实我也不太懂,不过大概是这样的:   定义一个类型 如   data Person = Person { firstName :: String , lastNa ...