问题描述

在特定条件下，ASIHTTPRequest是否可以忽略"setValidatesSecureCertificate"参数?

Can ASIHTTPRequest ignore 'setValidatesSecureCertificate' parameter under certain conditions ?

如果我这样做:

NSURL *url = [NSURL URLWithString:@"https://someselfsignedurl"];

ASIHTTPRequest *r = [[[ASIHTTPRequest alloc] initWithURL:url] autorelease];
[r setValidatesSecureCertificate:YES];
[r startSynchronous]; 

// Should not work:
NSLog(@"Result: %@", [r error] ? [[r error] description] : [r responseString]);

我已经达到了预期的行为，即NSError告诉证书是自签名的，并且响应为空.

i've got the expected behaviour, i.e. a NSError telling the certificate is self-signed and a null response.

但是，在我的资料的其他部分，完全相同的代码似乎忽略了验证，并实际上获得了结果，而不是返回SSL错误.

However, in some other part of my source, the exactly same code seems to ignore validation and actually gets result instead of returning a SSL error.

在第三方库或实例中完成的任何全局"配置是否都可以与SSL验证进行交互?

Could any "global" configuration done, in a third-party library or instance, interact with SSL validation in anyway ?

推荐答案

好吧，这显然是来自CFNetwork的错误.

Ok, it is a bug, apparently from CFNetwork.

修复它，请在GitHub上查看: https://github.com/pokeb/asi-http-request/issues/263

Fixed it, see here on GitHub: https://github.com/pokeb/asi-http-request/issues/263

这篇关于ASIHttpRequest忽略setValidatesSecureCertificate参数的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！