
plurals
  1. PO
    primarykey
    data
    text
    <p>The UIWebKit delegate doesn't forward through any of the NSURLConnection delegate methods to your app. One way to get around this would be to load the page using NSURLConnection and then push it into the UIWebView using <code>-loadData:MIMEType:textEncodingName:baseURL:</code>. Once you've done that you've verified the first page, which (as long as your site doesn't have links off of it), should stay safe. So, how do we verify a self-signed certificate?</p>
    <p>I had to solve this with an OSX App a little earlier this year and, once I figured out what I was doing, it was pretty straightforward, assuming you have a similar setup. The solution I propose here actually verifies the server certificate (although in my case I was using a private CA, so I added the CA certificate to the trust root, instead of the server certificate, it should work just as well with that).</p>
    <p>You'll need to add tests for <code>NSURLAuthenticationMethodServerTrust</code> to both the <code>-connection:canAuthenticateAgainstProtectionSpace:</code> and <code>-connection:didReceiveAuthenticationChallenge:</code> methods so that you can both request interest in and process the Security challenge.</p>
    <p>Hope this helps.</p>
<pre><code>#import &lt;Security/Security.h&gt;

-(BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace
{
    // ... implement any other authentication here, such as your client side certificates or user name/password

    // Ask to be handed the server trust challenge so the chain can be evaluated below
    if ([[protectionSpace authenticationMethod] isEqualToString: NSURLAuthenticationMethodServerTrust])
        return YES;
    return NO;
}

-(void)connection:(NSURLConnection *)aConnection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
    NSURLProtectionSpace *protectionSpace = challenge.protectionSpace;

    // implement your client side auth here for NSURLAuthenticationMethodHTTPDigest or basic or your client-side cert

    if ([[protectionSpace authenticationMethod] isEqualToString: NSURLAuthenticationMethodServerTrust]) {
        // install our private certificates or CAs
        NSString *myCAString = @"&lt;string containing your CA cert&gt;";
        // +dataFromBase64String: is not part of Foundation; it comes from an NSData Base64 category added to the project
        SecCertificateRef certRef = SecCertificateCreateWithData(NULL, (CFDataRef)[NSData dataFromBase64String: myCAString]);
        if (certRef == NULL) {
            // The embedded certificate did not parse: fail closed instead of passing nil to the array
            [challenge.sender cancelAuthenticationChallenge:challenge];
            return;
        }
        NSArray *anchorArray = [NSArray arrayWithObject: (NSObject*)certRef];
        CFRelease(certRef); // the array retains the certificate; balance the Create call (manual reference counting)

        // Evaluate the server's chain against our anchor
        SecTrustSetAnchorCertificates(challenge.protectionSpace.serverTrust, (CFArrayRef)anchorArray);

        SecTrustResultType trustResultType;
        OSStatus err = SecTrustEvaluate(challenge.protectionSpace.serverTrust, &amp;trustResultType);

        if ((!err) &amp;&amp; (trustResultType == kSecTrustResultProceed ||
                       trustResultType == kSecTrustResultConfirm ||
                       trustResultType == kSecTrustResultUnspecified)) {
            // The chain verified against our anchor: accept the server
            [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]
                 forAuthenticationChallenge:challenge];
        } else {
            // Evaluation failed: fetch the chain and per-certificate status, then reject the connection
            CFArrayRef certChain = NULL;
            CSSM_TP_APPLE_EVIDENCE_INFO *statusChain;
            SecTrustGetResult(challenge.protectionSpace.serverTrust, &amp;trustResultType, &amp;certChain, &amp;statusChain);
            [challenge.sender cancelAuthenticationChallenge:challenge];
        }
    } else {
        // Cancel if we don't know what it is about... this is supposed to be secure
        [challenge.sender cancelAuthenticationChallenge:challenge];
    }
}
</code></pre>