iPhone：是否可以使用 openURL 打开受密码保护的文件？

发布于 2024-08-22 07:20:26 字数 1383 浏览 10 评论 0原文

标题几乎说明了一切。我的应用程序具有文件 myFile.ext 的 URL 和密码，位于：

我想创建一个 NSURL 对象，如果将其传递给 UIApplication 的 canOpenURL 和 openURL 方法，将产生适当的行为。

这可能吗？如果是这样怎么办？是否有我应该注意的安全问题？

编辑以澄清：

以下代码生成一个 URL 请求，当发送到服务器时，该请求会成功导致应用程序下载文件。但我想做的是用 openURL 打开它。

+ (NSMutableURLRequest *) requestForFileNamed: (NSString *) filename {
    NSString *url = [NSString stringWithFormat:@"%@&user=%@&getbinfile=%@", serverLocation, username, filename];
    NSString *body = [NSString stringWithFormat:@"password=%@", password];
    return [XMLRequestBuilder postRequestWithURL:url body:body];
}

XMLRequestBuilder 方法：

+ (NSMutableURLRequest *) requestWithURL: (NSString *) url body: (NSString *) body method: (NSString *) method {
    NSURL * theURL = [NSURL URLWithString:url];
    NSMutableURLRequest * ret = [NSMutableURLRequest requestWithURL:theURL];
    [ret setHTTPBody:[body dataUsingEncoding:NSUTF8StringEncoding]];
    [ret setHTTPMethod: method];
    [ret setTimeoutInterval:kDefaultTimeoutInterval];
    return ret;
}


+ (NSMutableURLRequest *) postRequestWithURL: (NSString *) url body: (NSString *) body {
    return [XMLRequestBuilder requestWithURL:url body:body method:@"POST"];
}

原文

Title pretty much says it all. My app has the URL and password for the file myFile.ext, located at:

https://myserver.com/stuff.cgi?db=mydb

I want to create an NSURL object which, if passed to UIApplication's canOpenURL and openURL methods, will result in appropriate behavior.

Is this possible? If so how? And are there security issues I should be aware of?

EDIT FOR CLARIFICATION:

The following code produces a URL request which, when sent to the server, successfully causes app to download the file. But what I want to do is open it with openURL.

+ (NSMutableURLRequest *) requestForFileNamed: (NSString *) filename {
    NSString *url = [NSString stringWithFormat:@"%@&user=%@&getbinfile=%@", serverLocation, username, filename];
    NSString *body = [NSString stringWithFormat:@"password=%@", password];
    return [XMLRequestBuilder postRequestWithURL:url body:body];
}

XMLRequestBuilder methods:

+ (NSMutableURLRequest *) requestWithURL: (NSString *) url body: (NSString *) body method: (NSString *) method {
    NSURL * theURL = [NSURL URLWithString:url];
    NSMutableURLRequest * ret = [NSMutableURLRequest requestWithURL:theURL];
    [ret setHTTPBody:[body dataUsingEncoding:NSUTF8StringEncoding]];
    [ret setHTTPMethod: method];
    [ret setTimeoutInterval:kDefaultTimeoutInterval];
    return ret;
}


+ (NSMutableURLRequest *) postRequestWithURL: (NSString *) url body: (NSString *) body {
    return [XMLRequestBuilder requestWithURL:url body:body method:@"POST"];
}

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

对你的占有欲 2024-08-29 07:20:26

假设（正如 @bodnarbm 指出的那样）您想要 HTTP 身份验证，这相当简单。只需实现 didReceiveAuthenticationChallenge 即可。以下是 Apple 文档中的示例：

只需将 [selfpreferencesName] 和 [selfpreferencesPassword] 更改为您的用户名/密码。

-(void)connection:(NSURLConnection *)connection
        didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
    if ([challenge previousFailureCount] == 0) {
        NSURLCredential *newCredential;
        newCredential=[NSURLCredential credentialWithUser:[self preferencesName]
                                                 password:[self preferencesPassword]
                                              persistence:NSURLCredentialPersistenceNone];
        [[challenge sender] useCredential:newCredential
               forAuthenticationChallenge:challenge];
    } else {
        [[challenge sender] cancelAuthenticationChallenge:challenge];
        // inform the user that the user name and password
        // in the preferences are incorrect
        [self showPreferencesCredentialsAreIncorrectPanel:self];
    }
}

这是链接： http://developer .apple.com/mac/library/DOCUMENTATION/Cocoa/Conceptual/URLLoadingSystem/Tasks/UsingNSURLConnection.html

更新：
从您上面的评论来看，您似乎没有使用 HTTP 身份验证（因此我上面的代码不适用于您，但我将其保留以可能帮助其他人）。

回到您的问题：您是否将请求中的 HTTP 方法标头值设置为“POST”？为什么你试图在正文中发送密码（如 POST 那样），而其他参数却在 URL 中（如 GET）？将其他参数移至 POST 请求的正文。如果您发布代码，可能会更容易看出哪里出了问题。

Assuming (as @bodnarbm pointed out) that you want HTTP authentication it's fairly straight forward. Simply implement didReceiveAuthenticationChallenge. Here's a sample from Apple's docs:

Just change [self preferencesName] and [self preferencesPassword] to your username/pwd.

-(void)connection:(NSURLConnection *)connection
        didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
    if ([challenge previousFailureCount] == 0) {
        NSURLCredential *newCredential;
        newCredential=[NSURLCredential credentialWithUser:[self preferencesName]
                                                 password:[self preferencesPassword]
                                              persistence:NSURLCredentialPersistenceNone];
        [[challenge sender] useCredential:newCredential
               forAuthenticationChallenge:challenge];
    } else {
        [[challenge sender] cancelAuthenticationChallenge:challenge];
        // inform the user that the user name and password
        // in the preferences are incorrect
        [self showPreferencesCredentialsAreIncorrectPanel:self];
    }
}

And here's the link: http://developer.apple.com/mac/library/DOCUMENTATION/Cocoa/Conceptual/URLLoadingSystem/Tasks/UsingNSURLConnection.html

UPDATE:
From your comment above it doesn't look like you are using HTTP Authentication (so my code above doesn't apply to you, but I'll leave it to possibly help someone else).

Back to your problem: Are you setting the HTTP method header value to 'POST' in the request? Why are you trying to send the pwd in the body (as POST should) yet the other parameters are in the URL (as GET)? Move the other parameters to the body of the POST request. If you post your code it may be easier to see where you are going wrong.

回复收藏 0 原文

~没有更多了~