我正在使用 AFNetworking 通过 SSL 发送数据。如何防止中间人攻击?如何确定我正在接收数据并将数据发送到我的服务器而不是其他服务器?
这是我的代码:
@implementation API
@synthesize user;
#pragma mark - Singleton methods
/**
* Singleton methods
*/
+(API*)sharedInstance
{
static API *sharedInstance = nil;
static dispatch_once_t oncePredicate;
dispatch_once(&oncePredicate, ^{
sharedInstance = [[self alloc] initWithBaseURL:[NSURL URLWithString:kAPIHost]];
});
return sharedInstance;
}
#pragma mark - init
//intialize the API class with the destination host name
-(API*)init
{
//call super init
self = [super init];
if (self != nil) {
//initialize the object
user = nil;
[self registerHTTPOperationClass:[AFJSONRequestOperation class]];
[self setDefaultHeader:@"Accept" value:@"application/json"];
}
return self;
}
-(BOOL)isAuthorized
{
return [[user objectForKey:@"id"] intValue]>0;
}
-(void)commandWithParams:(NSMutableDictionary*)params
path: (NSString *) pathstr
onCompletion:(JSONResponseBlock)completionBlock
{
NSMutableURLRequest *apiRequest =
[self multipartFormRequestWithMethod:@"POST"
path: pathstr
parameters: params
constructingBodyWithBlock: ^(id <AFMultipartFormData>formData)
{
//TODO: attach file if needed
}];
AFJSONRequestOperation* operation = [[AFJSONRequestOperation alloc] initWithRequest: apiRequest];
[operation setCompletionBlockWithSuccess:^(AFHTTPRequestOperation *operation, id responseObject) {
//success!
completionBlock(responseObject);
} failure:^(AFHTTPRequestOperation *operation, NSError *error) {
//failure :(
NSLog(@"%@", error);
completionBlock([NSDictionary dictionaryWithObject:[error localizedDescription] forKey:@"error"]);
}];
[operation start];
}
@end
然后我打电话:
[[API sharedInstance] commandWithParams: params
path: @"user/registration"
onCompletion:^(NSDictionary *json)
{