If a user attempts to load a https web page in Mobile Safari and the server's certificate validation check fails (its expired, revoked, self-signed etc.) then the user is presented is presented with a warning message and asked if they want to continue or not.

Similarly NSURLConnection offers the ability for the implementator to decide firstly how to check the certificate and then decide how to proceed if it fails, so in this situation too it would be possible to display a warning to the user and offer them the opportunity to continue loading the page or not.

However it seems when loading a https page in UIWebView that fails a certificate check the behaviour is just to fail to load the page - didFailLoadWithError: gets called with kCFURLErrorServerCertificateUntrusted however nothing gets displayed to the user.

This is inconsistent - surely the UIWebView behaviour should behave in a similar way to Safari to be consistent within iPhone itself? Its also a daft that NSURLConnection allows total flexibility with this yet NSURLRequest:setAllowsAnyHTTPSCertificate is private.

Is there anyway to implement behaviour which is consistent with Safari, can this default behavior be customized in a similar way to NSURLConnection allows?

Cheers

P.S. Please refrain from getting into patronizing side discussions about why would anybody want to do this, thank you very much.

I found out how to do this:

1) When the page is loaded it will fail, thus add something like the following to didFailLoadWithError:

- (void)webView:(UIWebView *)webView didFailLoadWithError:(NSError *)error

    if ([error.domain isEqualToString: NSURLErrorDomain])

    {

        if (error.code == kCFURLErrorServerCertificateHasBadDate        ||

            error.code == kCFURLErrorServerCertificateUntrusted         ||

            error.code == kCFURLErrorServerCertificateHasUnknownRoot    ||

            error.code == kCFURLErrorServerCertificateNotYetValid)

        {

        display dialog to user telling them what happened and if they want to proceed

2) If the user wants to load the page then you need to connect using an NSURLConnection:

NSURLRequest *requestObj = [NSURLRequest requestWithURL:self.currentURL     cachePolicy:NSURLRequestReturnCacheDataElseLoad timeoutInterval:10.0];

self.loadingUnvalidatedHTTPSPage = YES;

[self.webView loadRequest:requestObj];

3) Then make this change to shouldStartLoadWithRequest

- (BOOL)webView:(UIWebView *)webView shouldStartLoadWithRequest:(NSURLRequest *)request navigationType:(UIWebViewNavigationType)navigationType

{

    if (self.loadingUnvalidatedHTTPSPage)

    {

        self.connection = [[NSURLConnection alloc] initWithRequest:request delegate:self];

        [self.connection start];

        return NO;

    }

4) Implement the NSURLConnectionDelegate as:

- (void)connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge

{

    SecTrustRef trust = challenge.protectionSpace.serverTrust;

    NSURLCredential *cred;

    cred = [NSURLCredential credentialForTrust:trust];

    [challenge.sender useCredential:cred forAuthenticationChallenge:challenge];

}

- (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response;

{

    NSURLRequest *requestObj = [NSURLRequest requestWithURL:self.currentURL cachePolicy:NSURLRequestReturnCacheDataElseLoad timeoutInterval:10.0];

    self.loadingUnvalidatedHTTPSPage = NO;

    [self.webView loadRequest: requestObj];

    [self.connection cancel];

}

It all seems to work fine.

Has anybody found a way to load HTTPS pages with an invalid server certificate using UIWebView?的更多相关文章

  1. Load balancer does not have available server for client

    最近在研究spring-cloud,研究zuul组件时发生下列错误: Caused by: com.netflix.client.ClientException: Load balancer does ...

  2. load balancer does not have available server for client: provider

    Ask Question up vote6down votefavorite 4 I'm trying to use Feign client. Below is my feing client: i ...

  3. Feign报错Caused by: com.netflix.client.ClientException: Load balancer does not have available server for client

    问题描述 使用Feign调用微服务接口报错,如下: java.lang.RuntimeException: com.netflix.client.ClientException: Load balan ...

  4. InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised.解决办法

    最近使用requests进行get请求的时候,控制台输出如下错误. InsecureRequestWarning: Unverified HTTPS request is being made. Ad ...

  5. com.netflix.client.ClientException: Load balancer does not have available server for client xxxx

    版本 spring boot: 2.0.1.RELEASE spring cloud: Finchley.M9 错误 通过zuul调用eureka注册的服务,错误内容如下 Caused by: com ...

  6. SVN 错误:Error validating server certificate for 'https://xxxxxxx':443... Mac os svn客户端证书验证缓存 解决

    mac上的SVN今天突然间 不好使了 在进行SVN操作是报出警告信息 Error validating server certificate for 'https://xxxxxxx':443 - T ...

  7. java.lang.RuntimeException: com.netflix.client.ClientException: Load balancer does not have available server for client: service-one

    一.异常信息 java.lang.RuntimeException: com.netflix.client.ClientException: Load balancer does not have a ...

  8. InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised. See: https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings In

    InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is s ...

  9. sass_安装问题(ERROR: Could not find a valid gem 'sass' (>= 0), here is why: Unable to download data from https://rubygems.org/ - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: cert)

    安装sass前需安装ruby 安装好ruby好打开命令行,输入 gem install sass 出现错误: ERROR: Could not find a valid gem 'sass' (> ...

随机推荐

  1. [问题解决]ps aux中command命令相同,如何找出自己要的进程号?

    问题提出: 我们通过ps aux能够查看各个进程的状态,很多时候启动命令相同,我们没有办法判断,我们要查找的进程到底是那个? 我们该用什么方式来找出我们要操作的进程号呢? 解决步骤: 找出有可能的进程 ...

  2. vmware中三种网络连接方式(复制)

    原文来自http://note.youdao.com/share/web/file.html?id=236896997b6ffbaa8e0d92eacd13abbf&type=note 我怕链 ...

  3. [BZOJ4205][FJ2015集训] 卡牌配对 [建图+最大流]

    题面 这是bzoj权限题,题面可以去下面的离线题库找 离线4205,只有题面,不能提交 思路 二分图匹配 这道题模型显然就是个二分图匹配嘛 那我们两两判断一下然后连边匹配.....就只有30分了 因为 ...

  4. HTML,CSS,font-family:中文字体的英文名称【转载】

    转自:http://www.9958.pw/post/html_font-family 宋体 SimSun 黑体 SimHei 微软雅黑 Microsoft YaHei 微软正黑体 Microsoft ...

  5. highchart柱状图 series中data的数据构造

    先可以看一下data的数据结构 网站http://jsfiddle.net/gh/get/jquery/1.9.1/highslide-software/highcharts.com/tree/mas ...

  6. 《R语言实战》读书笔记--为什么要学

    本人最近在某咨询公司实习,涉及到了一些数据分析的工作,用的是R语言来处理数据.但是在应用的过程中,发现用R很不熟练,所以再打算学一遍R.曾经花一个月的时间看过一遍<R语言编程艺术>,还用R ...

  7. HDU 5761 物理题

    Rower Bo Time Limit: 2000/1000 MS (Java/Others)    Memory Limit: 131072/131072 K (Java/Others)Total ...

  8. display 垂直居中

    /* Center slide text vertically */ display: -webkit-box; display: -ms-flexbox; display: -webkit-flex ...

  9. CSS Sprites技术

    CSS Sprites技术,国内很多人也叫雪碧图,因为sprite麻 (你买一瓶雪碧就看得到大大的sprite字样了) 主要用于将网站的零碎图标的img标签取代,因为每个img标签引用的src就会造成 ...

  10. [bzoj1001][BJOI2006]狼抓兔子——最大流转最短路,平面图

    题目描述: 给定一个平面图,求最小割. 题解: 本题是一道经典题. 周冬Orz的论文是很好的研究资料. 这道题点太多,所以直接跑dinic无疑会超时. 我们观察原图,发现原图是一个平面图. 什么是平面 ...