1

Using a WKWebView, connect to a site that, upon user selection, will redirect to another site. The following error comes up after didReceiveServerRedirectForProvisionNavigation:

Error Domain=kCFErrorDomainCFNetwork Code=310 "(null)" UserInfo={_WKRecoveryAttempterErrorKey=<WKReloadFrameErrorRecoveryAttempter: 0x60800002a8e0>, _kCFStreamErrorCodeKey=-2096, _kCFStreamErrorDomainKey=4}

There's nothing real special happening here. I'm just trying to mimic Safari.

I've also overridden didReceive challenge with the following:

func webView(_ webView: WKWebView, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) ->     Void) {
    var cred: URLCredential?
    if let trust = challenge.protectionSpace.serverTrust {
        cred = URLCredential(trust: trust)
    } else {
        //creds are hardcoded just to try to get the thing working.
        cred = URLCredential(user: "hardcodedusername", password: "hardcodedpassword", persistence: .permanent)
    }
    completionHandler(.useCredential, cred)
}

It's worth noting that didReceive challenge isn't called when redirecting.

My assumption is that the site that I'm trying to redirect to has an old encryption protocol (TLS 1.0) and iOS isn't allowing the redirect. The site works fine in Safari on the iPhone. I also have ATS arbitrary loads set. This is Objective-C to Swift conversion, and the Objective-C version has no problem with this (using UIWebView, which was my original implementation before trying WKWebView... same error).

To be clear, this is a QA environment. I don't care if the cert is good or bad. If I can avoid any security requirement for this environment that would be great, but it seems like the arbitrary load setting doesn't do anything for me.

What am I missing?

Nick Molyneux
  • 369
  • 1
  • 2
  • 19
  • Arbitrary load will get you http, not broken or old https. Look at the code in this answer and see if you can get at the site with NSURLConnection: https://stackoverflow.com/questions/14268230/has-anybody-found-a-way-to-load-https-pages-with-an-invalid-server-certificate-u – Lou Franco Dec 09 '16 at 00:11
  • Thanks for the comment, but it doesn't seem to work. I've tried using both NSURLConnection and URLSession (with proper delegates). Thing is... the challenge methods are never hit. I end up with the same error at the end. – Nick Molyneux Dec 15 '16 at 19:01
  • Try to connect with openssl, like `openssl s_client -connect host:443` -- if it connects, you can type an HTTP request, like `GET / HTTP/1.0` -- if not, it should give an error. You can also try to control what tls version openssl uses (see manual page) – Lou Franco Dec 16 '16 at 13:59
  • 1
    This could be related to an invalid/compromised certificate. I received the same error code (310) when making an upload request through the simulator while running charles proxy. – mobilecat Jan 17 '17 at 00:40
  • So, what is the solution then? – Emrah Akgül Mar 13 '17 at 08:32
  • 1
    @EmrahAkgül I added an answer. that's the best solution we have at the moment. – Nick Molyneux Mar 15 '17 at 23:43

2 Answers2

3

Current solution is to turn off TLS 1.0. If anyone comes up with a better answer, please update. Sounds like Apple doesn't have a built in way to get around this problem.

Nick Molyneux
  • 369
  • 1
  • 2
  • 19
2

Solution:

We have to enabled Proxy in NSURLSession request as following :

NSURLSessionConfiguration *configuration = [NSURLSessionConfiguration defaultSessionConfiguration];
configuration.timeoutIntervalForRequest = 60;

/* To Fixed AIRWatch SDK Issue in API Calling */ 

  // Create an NSURLSessionConfiguration that uses the proxy

  NSDictionary *proxyDict = @{

                              @"HTTPEnable"  : [NSNumber numberWithInt:1],

                              @"HTTPSEnable" : [NSNumber numberWithInt:1],

                              };

configuration.connectionProxyDictionary = proxyDict;



  NSURLSession *session = [NSURLSession sessionWithConfiguration:configuration delegate:self delegateQueue:[NSOperationQueue mainQueue]];

Please made above changes in your source code. It will resolve your issue.

Aashish1aug
  • 795
  • 1
  • 8
  • 22