如何使用非纯文本方式进行NSURLRequest登录
[英]How to make an NSURLRequest login NOT in plain text
问题描述
Whats the best way to make this a more secure and less obvious security risk? 
使其更安全且不那么明显的安全风险的最佳方法是什么?
NSString *loginIdentification = [NSString stringWithFormat:@"user=%@&pass=%@&", userNameLogin, passWordLogin];
addressVariable = [NSString stringWithFormat:@"%@/%@", url, loginIdentification];
addressVariable = [addressVariable stringByAddingPercentEscapesUsingEncoding: NSUTF8StringEncoding];
NSURLResponse* response = nil;
NSError* error = nil;
NSData* data = [NSURLConnection sendSynchronousRequest:request returningResponse:&response error:&error];
2 个解决方案
解决方案1
1 2010-06-29 19:02:13
确保您使用的是https连接,而不是http连接。
解决方案2
1 2010-06-29 21:00:59
Instead of putting the sensitive information in the URL (via GET), use the POST method and put them in the body. 不要使用GET方法将敏感信息放在URL中(通过GET),而是将它们放在正文中。 That way, they won't show up in your server logs. 这样,它们将不会显示在您的服务器日志中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
如何使用GCD使NSURLRequest排队? - How to make a queue of NSURLRequest using GCD?
如何使用NSURLRequest设置Cookie? - How to set a Cookie with a NSURLRequest?
如何使用用户代理初始化NSURLRequest - How to initial a NSURLRequest with user agent
如何在iPhone中停止同步NSURLRequest? - How to Stop a Synchronous NSURLRequest in iPhone?
如何处理纯文本密码 - How to handle plain-text passwords
如何将小写字段添加到NSURLRequest头字段? - How to add lowercase field to NSURLRequest header field?
如何使用NSURLRequest访问WebDynpro页面 - How to access a WebDynpro page using NSURLRequest
如何处理NSURLRequest HTTP错误303? - How to handle NSURLRequest HTTP error 303?
NSURLRequest:如何将httpMethod“GET”更改为“POST” - NSURLRequest: How to change httpMethod “GET” to “POST”
如何使用NSURLRequest忽略自签名证书 - how to ignore self-signing certificate with NSURLRequest
相关标签