From fbe3b95e8cdec7d3ee27a30035315c80a2c08109 Mon Sep 17 00:00:00 2001 From: Jens Andersson Date: Wed, 11 Dec 2013 13:31:03 +0100 Subject: [PATCH 1/2] Added new option to allow invalid SSL Certificates. Useful for testing --- SDWebImage/SDWebImageDownloader.h | 7 ++++++- SDWebImage/SDWebImageDownloaderOperation.m | 13 +++++++++++++ SDWebImage/SDWebImageManager.h | 7 ++++++- SDWebImage/SDWebImageManager.m | 1 + 4 files changed, 26 insertions(+), 2 deletions(-) diff --git a/SDWebImage/SDWebImageDownloader.h b/SDWebImage/SDWebImageDownloader.h index db57e9d..ae7cfd7 100644 --- a/SDWebImage/SDWebImageDownloader.h +++ b/SDWebImage/SDWebImageDownloader.h @@ -33,7 +33,12 @@ typedef enum * Handles cookies stored in NSHTTPCookieStore by setting * NSMutableURLRequest.HTTPShouldHandleCookies = YES; */ - SDWebImageDownloaderHandleCookies = 1 << 5 + SDWebImageDownloaderHandleCookies = 1 << 5, + SDWebImageDownloaderAllowInvalidSSLCertificates = 1 << 6 + /** + * Enable this to allow untrusted SSL ceriticates. + * Useful for testing purposes. + */ } SDWebImageDownloaderOptions; diff --git a/SDWebImage/SDWebImageDownloaderOperation.m b/SDWebImage/SDWebImageDownloaderOperation.m index 552b798..da21082 100644 --- a/SDWebImage/SDWebImageDownloaderOperation.m +++ b/SDWebImage/SDWebImageDownloaderOperation.m @@ -371,5 +371,18 @@ return self.options & SDWebImageDownloaderContinueInBackground; } +- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace { + return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]; +} + +- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { + BOOL trustAllCertificates = (self.options & SDWebImageDownloaderAllowInvalidSSLCertificates); + if (trustAllCertificates && [challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) { + [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] + forAuthenticationChallenge:challenge]; + } + + [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge]; +} @end diff --git a/SDWebImage/SDWebImageManager.h b/SDWebImage/SDWebImageManager.h index b6df499..39a11a7 100644 --- a/SDWebImage/SDWebImageManager.h +++ b/SDWebImage/SDWebImageManager.h @@ -51,7 +51,12 @@ typedef enum * Handles cookies stored in NSHTTPCookieStore by setting * NSMutableURLRequest.HTTPShouldHandleCookies = YES; */ - SDWebImageHandleCookies = 1 << 6 + SDWebImageHandleCookies = 1 << 6, + SDWebImageAllowInvalidSSLCertificates = 1 << 7 + /** + * Enable this to allow untrusted SSL ceriticates. + * Useful for testing purposes. + */ } SDWebImageOptions; typedef void(^SDWebImageCompletedBlock)(UIImage *image, NSError *error, SDImageCacheType cacheType); diff --git a/SDWebImage/SDWebImageManager.m b/SDWebImage/SDWebImageManager.m index e1ab9d1..2c9bafe 100644 --- a/SDWebImage/SDWebImageManager.m +++ b/SDWebImage/SDWebImageManager.m @@ -146,6 +146,7 @@ if (options & SDWebImageRefreshCached) downloaderOptions |= SDWebImageDownloaderUseNSURLCache; if (options & SDWebImageContinueInBackground) downloaderOptions |= SDWebImageDownloaderContinueInBackground; if (options & SDWebImageHandleCookies) downloaderOptions |= SDWebImageDownloaderHandleCookies; + if (options & SDWebImageAllowInvalidSSLCertificates) downloaderOptions |= SDWebImageDownloaderAllowInvalidSSLCertificates; if (image && options & SDWebImageRefreshCached) { // force progressive off if image already cached but forced refreshing From 706c57308e6d3af422dd375cc35bd058be7dbc34 Mon Sep 17 00:00:00 2001 From: Jens Andersson Date: Wed, 11 Dec 2013 16:26:08 +0100 Subject: [PATCH 2/2] Cleaned up code to follow project code style --- SDWebImage/SDWebImageDownloader.h | 6 +++--- SDWebImage/SDWebImageDownloaderOperation.m | 9 ++++++--- SDWebImage/SDWebImageManager.h | 6 +++--- 3 files changed, 12 insertions(+), 9 deletions(-) diff --git a/SDWebImage/SDWebImageDownloader.h b/SDWebImage/SDWebImageDownloader.h index ae7cfd7..3d0921c 100644 --- a/SDWebImage/SDWebImageDownloader.h +++ b/SDWebImage/SDWebImageDownloader.h @@ -34,11 +34,11 @@ typedef enum * NSMutableURLRequest.HTTPShouldHandleCookies = YES; */ SDWebImageDownloaderHandleCookies = 1 << 5, - SDWebImageDownloaderAllowInvalidSSLCertificates = 1 << 6 /** - * Enable this to allow untrusted SSL ceriticates. - * Useful for testing purposes. + * Enable to allow untrusted SSL ceriticates. + * Useful for testing purposes. Use with caution in production. */ + SDWebImageDownloaderAllowInvalidSSLCertificates = 1 << 6 } SDWebImageDownloaderOptions; diff --git a/SDWebImage/SDWebImageDownloaderOperation.m b/SDWebImage/SDWebImageDownloaderOperation.m index da21082..e019600 100644 --- a/SDWebImage/SDWebImageDownloaderOperation.m +++ b/SDWebImage/SDWebImageDownloaderOperation.m @@ -371,13 +371,16 @@ return self.options & SDWebImageDownloaderContinueInBackground; } -- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace { +- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace +{ return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]; } -- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge { +- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge +{ BOOL trustAllCertificates = (self.options & SDWebImageDownloaderAllowInvalidSSLCertificates); - if (trustAllCertificates && [challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) { + if (trustAllCertificates && [challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) + { [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge]; } diff --git a/SDWebImage/SDWebImageManager.h b/SDWebImage/SDWebImageManager.h index 39a11a7..688d457 100644 --- a/SDWebImage/SDWebImageManager.h +++ b/SDWebImage/SDWebImageManager.h @@ -52,11 +52,11 @@ typedef enum * NSMutableURLRequest.HTTPShouldHandleCookies = YES; */ SDWebImageHandleCookies = 1 << 6, - SDWebImageAllowInvalidSSLCertificates = 1 << 7 /** - * Enable this to allow untrusted SSL ceriticates. - * Useful for testing purposes. + * Enable to allow untrusted SSL ceriticates. + * Useful for testing purposes. Use with caution in production. */ + SDWebImageAllowInvalidSSLCertificates = 1 << 7 } SDWebImageOptions; typedef void(^SDWebImageCompletedBlock)(UIImage *image, NSError *error, SDImageCacheType cacheType);