2

I'm working on a web view that needs to work with only servers I trust (Based on the SSL handshake), and not all of those that Apple approve.

Is there a way to intercept the UIWebView connection so I could control on the request authentication?

When I use the UIWebView method loadRequest: there's no way of getting the SSL challenge (since it's not part of the UIWebViewDelegate protocol).

An alternative is to get the request that the UIWebView is about to send (using the delegate callback webView:shouldStartLoadWithRequest:navigationType:), telling the UIWebView not to load it, and sending the request using NSURLConnection (using its delegation methods for the SSL handshake logic). and when the connection finishes, loading the data it receives into the UIWebView (using the loading method loadData:MIMEType:textEncodingName:baseURL:). This workaround is working for simple sites, but complicated sites (JS, CSS...) might not work.

Thanks!

Raven
  • 39
  • 2
  • 7

1 Answers1

0

I had a similar problem of trying to display a web page for which the certificate has expired. I found this post, which showed me how to use a protocol on NSURLRequest, to override the method allowsAnyHTTPSCertificateForHost.

He stresses that this might or might not be accepted by Apple - however for my development this saves me some time.

You may be able to use this technique for your solution.

Brock Adams
  • 90,639
  • 22
  • 233
  • 295
Richard Le Mesurier
  • 29,432
  • 22
  • 140
  • 255
  • I have also found a related question on Stack Overflow - http://stackoverflow.com/questions/1769888/how-to-display-the-authentication-challenge-in-uiwebview - one of the solutions offers a "professional" but freeware solution to this and many related issues. I have not tested his code yet. – Richard Le Mesurier Jan 26 '11 at 12:38