Hi,
I implemented the NSPinnedDomains according to https://developer.apple.com/news/?id=g9ejcf8y "Identity Pinning: How to configure server certificates for your app".
This is my config (I added a wrong SHA256 hash so I can test if it works):
With NSURLSessions it properly fails when I try to load
it prints following error:
But when I try to load the URL from JavaScript in WKWebView, it succeeds.
Is WKWebView not supported? Or am I doing something wrong?
Thanks and kind regards,
Mika
Objc code:
Web code (can be included in any html page inside WKWebView):
I implemented the NSPinnedDomains according to https://developer.apple.com/news/?id=g9ejcf8y "Identity Pinning: How to configure server certificates for your app".
This is my config (I added a wrong SHA256 hash so I can test if it works):
Code Block <key>NSAppTransportSecurity</key> <dict> <key>NSPinnedDomains</key> <dict> <key>jsonplaceholder.typicode.com</key> <dict> <key>NSPinnedCAIdentities</key> <array> <dict> <key>SPKI-SHA256-BASE64</key> <string>r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=</string> </dict> </array> <key>NSIncludesSubdomains</key> <true/> </dict> </dict> </dict>
With NSURLSessions it properly fails when I try to load
Code Block https://jsonplaceholder.typicode.com/todos/2
it prints following error:
Code Block An SSL error has occurred and a secure connection to the server cannot be made
But when I try to load the URL from JavaScript in WKWebView, it succeeds.
Is WKWebView not supported? Or am I doing something wrong?
Thanks and kind regards,
Mika
Objc code:
Code Block NSString *urlString = @"https://jsonplaceholder.typicode.com/todos/2"; NSURL *url = [NSURL URLWithString:urlString]; NSURLSessionDataTask *downloadTask = [[NSURLSession sharedSession] dataTaskWithURL:url completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) { }]; [downloadTask resume];
Web code (can be included in any html page inside WKWebView):
Code Block <script> document.addEventListener("DOMContentLoaded", () => { fetch("https://jsonplaceholder.typicode.com/todos/2") .then(res => res.json()) .then(res => console.log(res)); }); </script>