My iPhone application was rejected solely for using the (very safe, it seems) private method +setAllowsAnyHTTPSCertificate:forHost: for NSURLRequest. Is there a non-private API to emulate this functionality?
views:
1279answers:
4
A:
One really stupid workaround is to make your own category method:
@implementation NSURLRequest (IgnoreSSL)
+ (BOOL)allowsAnyHTTPSCertificateForHost:(NSString *)host
{
return YES;
}
@end
This should get by Apple's private API checks, but it's still the same thing (using a private, undocumented API[1] that is liable to break at any time). Actually, it's worse since it allows everything, not just that host.
[1]: An private API that should be made public, but a private API nevertheless.
meeselet
2010-01-04 21:10:09
From what I know of it, this will still not pass Apple's checks, as they appear to use a rather simple analysis based purely on selectors, not their usage.
Mike Abdullah
2010-01-05 00:21:42
@Mike: Are you sure? I am not "using" the selector at all, only redefining it. It is Apple's internals that call it. Granted, this is not at all safe, but I don't see how it wouldn't pass Apple's checks.
meeselet
2010-01-09 20:14:56
+1
A:
Take a look at this link: http://www.abstractec.co.uk/blog/iPhone.php?itemid=70
Might be a better solution for you than just tricking the private API check.
ruffiano
2010-01-04 23:30:32
Is it possible to use an NSURLConnection instead of a CFHTTPMessageRef? I would prefer the download be asynchronous.
meeselet
2010-01-05 04:01:59
A:
I am not saying about solution but suggestion. Have you thought to use ASIHttpRequest Framework for this? This framework is complete in all aspects. Do check the documentation, may be it can help you too.
Thanks, Madhup
Madhup
2010-01-05 12:22:33
+1
A:
There seems to be a public API for that ;) http://stackoverflow.com/questions/933331/how-to-use-nsurlconnection-to-connect-with-ssl-for-an-untrusted-cert/2033823#2033823
yonel
2010-01-27 08:23:25