1.https://m.baidu.com/from=1014517c/bd_page_type=1/
https://m.baidu.com/from=1014517c/bd_page_type=1/
<code><code><code>NSURL *url = [NSURL URLWithString:@""];
AFHTTPRequestOperationManager *requestOperationManager = [[AFHTTPRequestOperationManager alloc]initWithBaseURL:url];
dispatch_queue_t requestQueue = dispatch_create_serial_queue_for_name("kRequestCompletionQueue");
requestOperationManager.completionQueue =requestQueue;
AFSecurityPolicy * securityPolicy =[AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
//allowInvalidCertificates 是源码否允许无效证书(也就是自建的证书),默认为NO
//如果是源码需要验证自建证书,需要设置为YES
securityPolicy.allowInvalidCertificates =YES;
//validatesDomainName 是源码否需要验证域名,默认为YES;
//如设成NO的源码tcc 事务 源码话,即服务器使用其他可信任机构颁发的源码证书,也可以建立连接,源码bitmap源码解读这个非常危险,源码建议打开。源码
//因为SSL证书上的源码域名是独立的,假如证书上绑定的源码域名是www.domain.com,那么mail.domain.com是源码无法验证通过的;如果需要同时验证主域名和子域名,可以申请通配符的源码域名*.domain.com来解决,即证书上绑定domain.com下的源码虚拟女友 源码所有二级子域。
securityPolicy.validatesDomainName = YES;
//validatesCertificateChain 是源码否验证整个证书链,默认为YES
//设置为YES,源码会将服务器返回的隐私网站源码TrustObject上的证书链与本地导入的证书进行对比。
//假如是信任的CA所签发的证书,则建议关闭该验证,因为整个证书链一一比对是蚂蚁视频源码完全没有必要(请查看源代码);
securityPolicy.validatesCertificateChain =NO;
requestOperationManager.securityPolicy =securityPolicy;
另afnetworking 3.0.0以上版本用的是AFHTTPSessionManager
AFHTTPSessionManager * manager =[AFHTTPSessionManager manager];
NSString * cerPath = [[NSBundle mainBundle]pathForResource:@"server" ofType:@"cer"];
NSData * cerData = [NSData dataWithContentsOfFile:cerPath];
NSLog(@"%@", cerData);
manager.securityPolicy = [AFSecurityPolicypolicyWithPinningMode:AFSSLPinningModeCertificate withPinnedCertificates:[[NSArrayalloc] initWithObjects:cerData, nil]];
manager.securityPolicy.allowInvalidCertificates = YES;
[manager.securityPolicy setValidatesDomainName:NO];
manager.requestSerializer = [AFJSONRequestSerializer serializer];
manager.responseSerializer= [AFJSONResponseSerializer serializer];
NSDictionary * parameter = @{ @"username":self.username,@"password":self.password};
[manager POST:@"https://..1.4:" parameters:parametersuccess:^(NSURLSessionDataTask * task, id responseObject) {
NSLog(@"success %@", responseObject);
}
failure:^(NSURLSessionDataTask * task, NSError * error) {
NSLog(@"failure %@", error);
}]
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>//设置为 YES,解除整个app的ATS限制;但是通过NSExceptionDomains进行的配置依然有效
<false>
<key>NSAllowsArbitraryLoadsInMedia</key> //设置为 YES,解除通过AVFoundation框架访问媒体内容时的ATS 限制
<true>
<key>NSAllowsArbitraryLoadsInWebContent</key> //设置为 YES,解除通过webview发出的网络请求的ATS限制
<true>
<key>NSAllowsLocalNetworking</key> //设置为 YES,使得app可以载入任意本地资源,但不影响app的总体 ATS 策略
<true></true></true></true></false></dict></code></code></code>