2

我正在更新我的 iOS 应用程序,该应用程序从 Instagram for iOS v[redacted] 中提取图像。有一个新功能可以加强网络安全。它正在妨碍我通过以下方式获取 Instagram NSError

Description: {
    NSErrorFailingURLKey = "https:/instagram.com/p/52A5mtpurv/media/?size=l";
    NSErrorFailingURLStringKey = "https:/instagram.com/p/52A5mtpurv/media/?size=l";
    NSLocalizedDescription = "An SSL error has occurred and a secure connection to the server cannot be made.";
    NSLocalizedRecoverySuggestion = "Would you like to connect to the server anyway?";
    NSURLErrorFailingURLPeerTrustErrorKey = "<SecTrustRef: 0x17b1ebe0>";
    NSUnderlyingError = "Error Domain=kCFErrorDomainCFNetwork Code=-1200 \"An SSL error has occurred and a secure connection to the server cannot be made.\" UserInfo={NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made., _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, _kCFStreamPropertySSLClientCertificateState=0, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorCodeKey=-9802, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x17b1ebe0>, _kCFStreamErrorDomainKey=3, NSErrorFailingURLStringKey=https://igcdn-photos-f-a.akamaihd.net/hphotos-ak-xaf1/t51.2885-15/11375272_1120995804579077_1215796842_n.jpg, NSErrorFailingURLKey=https://igcdn-photos-f-a.akamaihd.net/hphotos-ak-xaf1/t51.2885-15/11375272_1120995804579077_1215796842_n.jpg}";
    "_kCFStreamErrorCodeKey" = "-9802";
    "_kCFStreamErrorDomainKey" = 3;
}

简单的答案是禁用新的安全功能。许多人显然正在采用这种方法。我认为这是不明智的。

阅读上述错误,很明显 Akamai CDN、atakamaihd.net和 Instagram 正在组合以显示问题。

我在以下异常声明info.plist

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>instagram.com</key>
        <dict>
            <key>NSExceptionAllowInsecureHTTPSLoads</key>
            <true/>
            <key>NSExceptionRequiresForwardSecrecy</key>
            <false/>
            <key>NSExceptionMinimumTLSVersion</key>
            <string>TLSv1.0</string>
            <key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
            <true/>
            <key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
            <false/>
            <key>NSThirdPartyExceptionMinimumTLSVersion</key>
            <string>TLSv1.0</string>
        </dict>
    </dict>

上面的例外没有做这项工作。关于如何进行的任何想法?同样,禁用新的安全功能并不能解决处理通过 CDN 运行的公共服务的问题。

4

2 回答 2

3

问题是我的代码中的一个激进的斜线减速器。它崩溃了https://to https:/。这导致了错误。

于 2015-08-01T16:00:20.680 回答
0

对我来说,这对完美无缺:

        <key>instagram.com</key>
        <dict>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
            <false/>
        </dict>
于 2015-12-03T15:15:32.747 回答