iOS 应用程序传输安全和 Instagram 媒体 CDN
iOS App Transport Security and Instagram Media CDN
我正在更新我的 iOS 应用程序,该应用程序可以从 Instagram 为 iOS v[redacted] 提取图像。有一项新功能可以加强网络安全。它妨碍了我使用以下 NSError:
的 Instagram 抓取
Description: {
NSErrorFailingURLKey = "https:/instagram.com/p/52A5mtpurv/media/?size=l";
NSErrorFailingURLStringKey = "https:/instagram.com/p/52A5mtpurv/media/?size=l";
NSLocalizedDescription = "An SSL error has occurred and a secure connection to the server cannot be made.";
NSLocalizedRecoverySuggestion = "Would you like to connect to the server anyway?";
NSURLErrorFailingURLPeerTrustErrorKey = "<SecTrustRef: 0x17b1ebe0>";
NSUnderlyingError = "Error Domain=kCFErrorDomainCFNetwork Code=-1200 \"An SSL error has occurred and a secure connection to the server cannot be made.\" UserInfo={NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, _kCFStreamPropertySSLClientCertificateState=0, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorCodeKey=-9802, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x17b1ebe0>, _kCFStreamErrorDomainKey=3, NSErrorFailingURLStringKey=https://igcdn-photos-f-a.akamaihd.net/hphotos-ak-xaf1/t51.2885-15/11375272_1120995804579077_1215796842_n.jpg, NSErrorFailingURLKey=https://igcdn-photos-f-a.akamaihd.net/hphotos-ak-xaf1/t51.2885-15/11375272_1120995804579077_1215796842_n.jpg}";
"_kCFStreamErrorCodeKey" = "-9802";
"_kCFStreamErrorDomainKey" = 3;
}
简单的答案就是禁用新的安全功能。许多人显然正在采用这种方法。我认为这是不明智的。
阅读以上错误,很明显 akamaihd.net 的 Akamai CDN 和 Instagram 正在联合显示问题。
我在 info.plist 中做了以下异常声明:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>instagram.com</key>
<dict>
<key>NSExceptionAllowInsecureHTTPSLoads</key>
<true/>
<key>NSExceptionRequiresForwardSecrecy</key>
<false/>
<key>NSExceptionMinimumTLSVersion</key>
<string>TLSv1.0</string>
<key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<false/>
<key>NSThirdPartyExceptionMinimumTLSVersion</key>
<string>TLSv1.0</string>
</dict>
</dict>
上述异常没有完成任务。关于如何进行的任何想法?同样,禁用新的安全功能并不能解决处理通过 CDN 运行的 public 服务的问题。
问题是我的代码中有一个激进的斜线缩减器。它将 https:// 折叠为 https:/。那导致了错误。
对我来说,这对工作非常完美:
<key>instagram.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
我正在更新我的 iOS 应用程序,该应用程序可以从 Instagram 为 iOS v[redacted] 提取图像。有一项新功能可以加强网络安全。它妨碍了我使用以下 NSError:
Description: {
NSErrorFailingURLKey = "https:/instagram.com/p/52A5mtpurv/media/?size=l";
NSErrorFailingURLStringKey = "https:/instagram.com/p/52A5mtpurv/media/?size=l";
NSLocalizedDescription = "An SSL error has occurred and a secure connection to the server cannot be made.";
NSLocalizedRecoverySuggestion = "Would you like to connect to the server anyway?";
NSURLErrorFailingURLPeerTrustErrorKey = "<SecTrustRef: 0x17b1ebe0>";
NSUnderlyingError = "Error Domain=kCFErrorDomainCFNetwork Code=-1200 \"An SSL error has occurred and a secure connection to the server cannot be made.\" UserInfo={NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, _kCFStreamPropertySSLClientCertificateState=0, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorCodeKey=-9802, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x17b1ebe0>, _kCFStreamErrorDomainKey=3, NSErrorFailingURLStringKey=https://igcdn-photos-f-a.akamaihd.net/hphotos-ak-xaf1/t51.2885-15/11375272_1120995804579077_1215796842_n.jpg, NSErrorFailingURLKey=https://igcdn-photos-f-a.akamaihd.net/hphotos-ak-xaf1/t51.2885-15/11375272_1120995804579077_1215796842_n.jpg}";
"_kCFStreamErrorCodeKey" = "-9802";
"_kCFStreamErrorDomainKey" = 3;
}
简单的答案就是禁用新的安全功能。许多人显然正在采用这种方法。我认为这是不明智的。
阅读以上错误,很明显 akamaihd.net 的 Akamai CDN 和 Instagram 正在联合显示问题。
我在 info.plist 中做了以下异常声明:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>instagram.com</key>
<dict>
<key>NSExceptionAllowInsecureHTTPSLoads</key>
<true/>
<key>NSExceptionRequiresForwardSecrecy</key>
<false/>
<key>NSExceptionMinimumTLSVersion</key>
<string>TLSv1.0</string>
<key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<false/>
<key>NSThirdPartyExceptionMinimumTLSVersion</key>
<string>TLSv1.0</string>
</dict>
</dict>
上述异常没有完成任务。关于如何进行的任何想法?同样,禁用新的安全功能并不能解决处理通过 CDN 运行的 public 服务的问题。
问题是我的代码中有一个激进的斜线缩减器。它将 https:// 折叠为 https:/。那导致了错误。
对我来说,这对工作非常完美:
<key>instagram.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<false/>
</dict>