NSCharacterSet URLHostAllowedCharacterSet是否不替换"+"号? [英] NSCharacterSet URLHostAllowedCharacterSet doesn't replace '+' sign?

问题描述

我正在努力通过网络传输较长的加密字符串，并使它们在服务器上正确输出.例如，我在客户端上有以下加密的字符串:

I'm struggling to transmit long encrypted strings over the network and get them to come out correctly on the server. For example, I have this encrypted string on the client:

wcWSERZCh8Xm1hpbNo1kSD1LvFmpuUr4wmq9hQUWeK0vYcLeFPGwFR/sBTES1A4rPV6eyp9nzEEU9uKkiFSTdP + SPOSqUf6evjf3WRHrXMRe81lIrHuRyk0iRwoNe5uIk + VlpR41kETmznXa4 + gELmf53r7oayRkkffnIPDmpO + WbgE0VL3PQeOsXB01tWJyDiBIsz5WJiiEIm3ZoJW/SW ==

wcWSERZCh8Xm1hpbNo1kSD1LvFmpuUr4wmq9hQUWeK0vYcLeFPGwFR/sBTES1A4rPV6eyp9nzEEU9uKkiFSTdP+SPOSqUf6evjf3WRHrXMRe81lIrHuRyk0iRwoNe5uIk+VlpR41kETmznXa4+gELmf53r7oayRkkffnIPDmpO+WbgE0VL3PQeOsXB01tWJyDiBIsz5WJiiEIm3ZoJW/sw==

如您所见，

它有一些字符，如果没有某些URL编码(最著名的是+和/)将无法通过网络传输.我不确定在其他情况下是否还会出现其他字符，因此我想确保我的解决方案普遍"正确.我正在使用此行:

As you can see, it has a few characters that will not transmit over the network without some URL encoding (+ and /, most notably). I'm not entirely sure if there could be other characters that could arise in other situations, so I want to make sure that my solution is 'universally' correct. I am using this line:

NSString *escapedString = [cipherString stringByAddingPercentEncodingWithAllowedCharacters:[NSCharacterSet URLHostAllowedCharacterSet]];

我在经过高度评价的 answer 中找到了

.

which I found in a highly reviewed answer.

但是，我仍然无法在服务器端解密它，因此我在发送之前立即在客户端上打印了结果，我看到了:

However, I'm still having trouble decrypting this on the server side, so I printed out the results on the client immediately before sending, and I see this:

wcWSERZCh8Xm1hpbNo1kSD1LvFmpuUr4wmq9hQUWeK0vYcLeFPGwFR％2FsBTES1A4rPV6eyp9nzEEU9uKkiFSTdP + SPOSqUf6evjf3WRHrXMRe81lIrHuRyk0iRwoNe5uIk + VlpR41kETmznXa4 + gELmf53r7oayRkkffnIPDmpO + WbgE0VL3PQeOsXB01tWJyDiBIsz5WJiiEIm3ZoJW％2Fsw ==

wcWSERZCh8Xm1hpbNo1kSD1LvFmpuUr4wmq9hQUWeK0vYcLeFPGwFR%2FsBTES1A4rPV6eyp9nzEEU9uKkiFSTdP+SPOSqUf6evjf3WRHrXMRe81lIrHuRyk0iRwoNe5uIk+VlpR41kETmznXa4+gELmf53r7oayRkkffnIPDmpO+WbgE0VL3PQeOsXB01tWJyDiBIsz5WJiiEIm3ZoJW%2Fsw==

为什么"+"号仍然存在?我使用了错误的允许字符集吗?应该使用哪个字符集来保证我可以正确转义所有有问题的字符?

Why are the '+' signs still there? Am I using the wrong allowed character set? Which character set should I use to guarantee that I correctly escape all problematic characters?

如果有帮助，这是我用来加密纯文本字符串的代码.完成后，我将对结果进行base64编码，然后再通过网络发送:

If it helps, here is the code that I am using to encrypt the plain text string. When it is done, I base64 encode the results before sending across the network:

- (NSData *)phpEncryptCleartext : (NSData *)cleartext
{
    NSData *cleartextPadded = [self phpPadData:cleartext];

    CCCryptorStatus ccStatus        = kCCSuccess;
    size_t          cryptBytes      = 0;    // Number of bytes moved to buffer.
    NSMutableData  *cipherTextData  = [NSMutableData dataWithLength:cleartextPadded.length];

    ccStatus = CCCrypt(kCCEncrypt,
                       kCCAlgorithmAES128,
                       0,
                       _sessionKey.bytes,
                       kCCKeySizeAES128,
                       _iv.bytes,
                       cleartextPadded.bytes,
                       cleartextPadded.length,
                       cipherTextData.mutableBytes,
                       cipherTextData.length,
                       &cryptBytes);

    if (ccStatus == kCCSuccess) {
        cipherTextData.length = cryptBytes;
    }
    else {
        NSLog(@"kEncryptionError code: %d", ccStatus); // Add error handling
        cipherTextData = nil;
    }

    return cipherTextData;
}

感谢您的任何建议！

推荐答案

快速版本此处.

要转义字符，请使用stringByAddingPercentEncodingWithAllowedCharacters:

NSString *URLEscapedString =
[string stringByAddingPercentEncodingWithAllowedCharacters:[NSCharacterSet URLQueryAllowedCharacterSet]];

以下是有用的字符集，实际上是字符集中未包含的字符:

The following are useful character sets, actually the characters not included in the sets:

URLFragmentAllowedCharacterSet  "#%<>[\]^`{|}
URLHostAllowedCharacterSet      "#%/<>?@\^`{|}
URLPasswordAllowedCharacterSet  "#%/:<>?@[\]^`{|}
URLPathAllowedCharacterSet      "#%;<>?[\]^`{|}
URLQueryAllowedCharacterSet     "#%<>[\]^`{|}
URLUserAllowedCharacterSet      "#%/:<>?@[\]^`

或者仅使用需要转义的字符来创建自己的字符集.

Or create your own characterset with just the characters that you need to escape.

NSCharacterSet *customCharacterset = [[NSCharacterSet characterSetWithCharactersInString:@"your characters"] invertedSet];

结合以上所有内容创建角色集:

Creating a characterset combining all of the above:

NSCharacterSet *URLFullCharacterSet = [[NSCharacterSet characterSetWithCharactersInString:@" \"#%/:<>?@[\\]^`{|}"] invertedSet];

创建Base64

对于Base64字符集:

In the case of Base64 characterset:

NSCharacterSet *URLBase64CharacterSet = [[NSCharacterSet characterSetWithCharactersInString:@"/+=\n"] invertedSet];

注意:stringByAddingPercentEncodingWithAllowedCharacters还将对需要编码的UTF-8字符进行编码.

Note: stringByAddingPercentEncodingWithAllowedCharacters will also encode UTF-8 characters requiring encoding.

验证集合中字符的示例:

Example to verify the characters in the set:

void characterInSet(NSCharacterSet *set) {
    NSMutableString *characters = [NSMutableString new];
    NSCharacterSet *invertedSet = set.invertedSet;
    for (int i=32; i<127; i++) {
        if ([invertedSet characterIsMember:(unichar)i]) {
            NSString *c = [[NSString alloc] initWithBytes:&i length:1 encoding:NSUTF8StringEncoding];
            [characters appendString:c];
        }
    }
    printf("characters not in set: '%s'\n", [characters UTF8String]);
}

这篇关于NSCharacterSet URLHostAllowedCharacterSet是否不替换"+"号?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！