Xcode:在最终的iOS应用中隐藏/保护资源文件? [英] Xcode: hide / protect resource files in final iOS app?
问题描述
我计划开发一个iOS应用程序,并希望使用HTML5,CSS和Javascript。最终的应用程序应该使用Xcode和 UIWebView 实现为本机应用程序。
I plan to develop an app for iOS and want to use HTML5, CSS and Javascript. The final app should be implemented as a native app using Xcode and UIWebView.
我可以隐藏或保护我的html文件在最终的应用程序?我必须将文件放在Xcode中的支持文件文件夹中。因此,每个人都可以通过提取.ipa文件购买应用程序后查看普通文件,对吧?
Can I hide or protect my html files in the final app? I have to put the files in the folder called "Supporting Files" in Xcode. Therefore, everyone can view the plain files after purchasing the app by extracting the .ipa file, right?
推荐答案
有很多方法保护您的数据,取决于您希望保护的良好程度。对于只有偶然黑客的极小保护,您可以使用字符串模糊处理算法来模糊和解模糊HTML内容作为 NSString 。以下是这样做的示例。我没有使用这些特定的代码,但是我也没有真正推荐使用模糊化技术,除非数据真的不是很敏感。
There's many ways to protect your data, depending on how good you want the protection to be. For very minimal protection against only casual hackers, you could use a string obfuscation algorithm to obfuscate and de-obfuscate the HTML content as NSStrings. Here's an example of doing that. I haven't used that particular code, but I'm also not really recommending obfuscation as a technique, unless the data really isn't very sensitive.
更好的解决方案是加密 HTML内容,虽然这更多的工作,可能涉及一些导出控制问题,具体取决于您的位置以及您分发应用程序的位置。
The better solution is to encrypt the HTML content, although that's more work, and may involve some export control issues, depending on where you are, and where you're distributing your app.
对于加密,您有很多选项。
For encryption, you have lots of options.
1) 这是一个开源实现,提供了一些安全版本,如 NSUserDefaults 。但是,代码中没有看到相当于 registerDefaults:的内容,所以有可能运行应用程序的第一个时间,您可能会从网络下载内容。但是,您可以加密并将其存储在 PDKeychainBindings 中作为字符串值。在随后的运行中,您可以这样解压存储的HTML 文件:
1) Here is an open source implementation that provides a secure version of something like NSUserDefaults. I don't see an equivalent to registerDefaults: in that code, though, so it's possible that the first time your app runs, you may have to download the content from the web. But, then you could encrypt and store it in PDKeychainBindings as a string value. On subsequent runs, you could then extract stored HTML "files" like this:
NSString* webPageContent =
[[PDKeychainBindings sharedKeychainBindings] valueForKey: @"index.html"];
2)这是另一个提供AES加密包装的开源项目。在发布应用程序之前,您将编写一些非生产代码,将HTML内容加密到将被捆绑资源的加密数据文件中。当您的应用程序运行时,它将打开文件并将其解密为 NSString 对象,可以通过 c
2) Here's another open source project that provides AES encryption wrappers. You would write some non-production code before releasing your app to encrypt the HTML content into encrypted data files that would be bundle resources. When your app runs, it opens the files and decrypts them into NSString objects which can be given to your UIWebView via loadHTMLString: baseURL:.
3)最后,另一个使用底层 CommonCrypto API来保护捆绑资源的示例。此示例使用自定义构建步骤来自动加密特定文件夹中的资源,如果您受保护的HTML内容将经常更改,那将节省一些时间。
3) Finally, here's another example of using the underlying CommonCrypto APIs to protect bundle resources. This example uses a custom build step to automatically encrypt resources in a particular folder, which would save you some time if your protected HTML content is going to change reasonably often.
这篇关于Xcode:在最终的iOS应用中隐藏/保护资源文件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
