Ⅰ https://m.baidu.com/from=1014517c/bd_page_type=1/
<code><code><code>NSURL*url=[NSURLURLWithString:@"https://www.google.com"];
AFHTTPRequestOperationManager*requestOperationManager=[[]initWithBaseURL:url];
dispatch_queue_trequestQueue=dispatch_create_serial_queue_for_name("kRequestCompletionQueue");
requestOperationManager.completionQueue=requestQueue;
AFSecurityPolicy*securityPolicy=[:AFSSLPinningModeCertificate];
//allowInvalidCertificates是否允許無效證書(也就是自建的證書),默認為NO
//如果是需要驗證自建證書,需要設置為YES
securityPolicy.allowInvalidCertificates=YES;
//validatesDomainName是否需要驗證域名,默認為YES;
//如設成NO的話,即伺服器使用其他可信任機構頒發的證書,也可以建立連接,這個非常危險,建議打開。
//因為SSL證書上的域名是獨立的,假如證書上綁定的域名是www.domain.com,那麼mail.domain.com是無法驗證通過的;如果需要同時驗證主域名和子域名,可以申請通配符的域名*.domain.com來解決,即證書上綁定domain.com下的所有二級子域。
securityPolicy.validatesDomainName=YES;
//validatesCertificateChain是否驗證整個證書鏈,默認為YES
//設置為YES,會將伺服器返回的TrustObject上的證書鏈與本地導入的證書進行對比。
//假如是信任的CA所簽發的證書,則建議關閉該驗證,因為整個證書鏈一一比對是完全沒有必要(請查看源代碼);
securityPolicy.validatesCertificateChain=NO;
requestOperationManager.securityPolicy=securityPolicy;
另afnetworking3.0.0以上版本用的是AFHTTPSessionManager
AFHTTPSessionManager*manager=[AFHTTPSessionManagermanager];
NSString*cerPath=[[NSBundlemainBundle]pathForResource:@"server"ofType:@"cer"];
NSData*cerData=[NSDatadataWithContentsOfFile:cerPath];
NSLog(@"%@",cerData);
manager.securityPolicy=[::[[NSArrayalloc]initWithObjects:cerData,nil]];
manager.securityPolicy.allowInvalidCertificates=YES;
[manager.:NO];
manager.requestSerializer=[];
manager.responseSerializer=[];
NSDictionary*parameter=@{@"username":self.username,@"password":self.password};
[managerPOST:@"https://192.168.1.4:9777"parameters:parametersuccess:^(NSURLSessionDataTask*task,idresponseObject){
NSLog(@"success%@",responseObject);
}
failure:^(NSURLSessionDataTask*task,NSError*error){
NSLog(@"failure%@",error);
}]
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>//設置為YES,解除整個app的ATS限制;但是通過NSExceptionDomains進行的配置依然有效
<false>
<key>NSAllowsArbitraryLoadsInMedia</key>//設置為YES,解除通過AVFoundation框架訪問媒體內容時的ATS限制
<true>
<key></key>//設置為YES,解除通過webview發出的網路請求的ATS限制
<true>
<key>NSAllowsLocalNetworking</key>//設置為YES,使得app可以載入任意本地資源,但不影響app的總體ATS策略
<true></true></true></true></false></dict></code></code></code>
Ⅱ http://m.baidu.com/bd_page_type=1/pu=sz%401320%5F480%2Ccuid%40gPSuug8f2alPivtYj8S0tgukHu%5Fwa2ungi
這是剛剛發布的違規網站網址 http://m..com/bd_page_type=1/pu=sz%401320%5F480%2Ccuid%40gPSuug8f2alPivtYj8S0tgukHu%5Fwa2ungivk8gaqBuiSOvt3gavq8%5FaD2f%5Fga2tDA%2Ccua%40%5FPvjhjatvhIDJEjPkJAiC%5FC22IgUI2iKAL1kB%2Ccut%405iWzCJR%%2Cosname%40boxapp%2Cctv%402%2Ccfrom%401399k%2Ccen%40cuid%5Fcua%5Fcut%2Ccsrc%40app%5Fmainbox%5Ftxt%2Cusm%400%2Cta%40zbio/uid=/t=zbios/w=0_10_%E4%BA%9A%E6%B4%B2seee%E5%9B%BE%E6%89%8B%E6%9C%BA%E7%89%88/ssid=0/from=1001338a/l=4/id=/tc?pn=15&m=0&id=&sec=31700&di=44d4d53e4f23176f&src=www%2E17seee%2Ecom%2Fview%2Findex5804%2Ehtml??