2

I'm using the following code to send a user login to a server, but Apple says that I'm using a private API and will reject the app. How can I resolve this?

would replacing with [NSURLRequest setAllowsAnyHTTPSCertificate:YES forHost:[url host]]; [request setHTTPMethod:@"POST"]; be enough?

    @interface NSURLRequest (DummyInterface)
+ (BOOL)allowsAnyHTTPSCertificateForHost:(NSString*)host;
+ (void)setAllowsAnyHTTPSCertificate:(BOOL)allow forHost:(NSString*)host;
@end

and my login code:

            // token url
            NSURL *url=[NSURL URLWithString:@"http://xxxxxxxx.com/api/token"];

            NSData *postData = [post dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];

            NSString *postLength = [NSString stringWithFormat:@"%d", [postData length]];

            NSMutableURLRequest *request = [[NSMutableURLRequest alloc] init];
            [request setURL:url];
            [request setHTTPMethod:@"POST"];
            [request setValue:postLength forHTTPHeaderField:@"Content-Length"];
            [request setValue:@"application/json" forHTTPHeaderField:@"Accept"];
            [request setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"];
            [request setHTTPBody:postData];

            NSLog(@"url is %@",url),
            NSLog(@"request is %@",request),


           **[NSURLRequest setAllowsAnyHTTPSCertificate:YES forHost:[url host]];**
user2588945
  • 1,681
  • 6
  • 25
  • 38
  • thanks that's great. quick thing though - would replacing with [NSURLRequest setAllowsAnyHTTPSCertificate:YES forHost:[url host]]; [request setHTTPMethod:@"POST"]; work? I've tried it and it logs the user in etc... seems to work. just wondering if it will be ok with Apple – user2588945 Oct 09 '13 at 15:51
  • I dont get your question aboout `replacing above`. Replace it with what? :) `setAllowsAnyHTTPSCertificate:` is private - what do you want to replace it with? :) [check the duplicate post] – Daij-Djan Apr 11 '21 at 08:02
  • the linked post should lead you to ways to do it with URLConnection or URLSession. And you havent shared what api you use but..... https://stackoverflow.com/questions/19507207/how-do-i-accept-a-self-signed-ssl-certificate-using-ios-7s-nsurlsession-and-its?rq=1 – Daij-Djan Apr 11 '21 at 08:06

1 Answers1

0

There seems to be a public API for that.

How to use NSURLConnection to connect with SSL for an untrusted cert?

Must be late but might help.

Community
  • 1
  • 1
Niraj
  • 1,939
  • 20
  • 29
  • for URLSession: https://stackoverflow.com/questions/19507207/how-do-i-accept-a-self-signed-ssl-certificate-using-ios-7s-nsurlsession-and-its?rq=1 – Daij-Djan Apr 11 '21 at 08:07