HTTPS请求仅在iOS Ionic 2上失败 [英] HTTPS request fails only on iOS, Ionic 2

问题描述

我有一个Ionic 2应用程序，该应用程序调用Spring Boot API将推送通知发送到其他设备.该API已配置为HTTPS.

I have an Ionic 2 application that calls a Spring Boot API to send push notifications to other devices. The API is configured with HTTPS.

API POST请求适用于除 iOS以外的所有内容.

The API POST request works on everything except iOS.

我在服务器上的SSL证书是自签名的(也许就是这样).

My SSL certificate on the server is self signed (maybe that's it?).

适用于:

• 离子服务
• Android
• 邮递员
• 卷曲

这是请求:

public sendNotificationRequest(title: string, action: string, name: string, tokens: any, notifications: boolean) {
    // Check if user turned off notifications
    if(!notifications) {
        return;
    }

    let headers = new Headers({'Content-Type': 'application/json'});
    headers.append('Authorization', 'Basic ' + btoa(this.username_decrypted + ':' + this.password_decrypted));
    let body = this.formObj(tokens, title, action, name);
    console.log(body);

    this.http.post("https://<some-url>",
                    body, { headers: headers }
    ).subscribe((response) => {
        console.log("HTTPS RESPONSE");
        console.log(response);
    }, function(error) {
        console.log("HTTPS ERROR");
        console.log(error);
    });
}

标头响应如下:

response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization");

并且收到此错误:

{
 "_body":
    {"isTrusted":true},
    "status":0,"ok":false,
    "statusText":"",
    "headers":{},
    "type":3,
    "url":null
}

Spring Boot API:

Spring Boot API:

@CrossOrigin
@RequestMapping(value="/notifications", method=RequestMethod.POST, consumes=MediaType.APPLICATION_JSON_VALUE, produces=MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<NotificationParent> sendNotifications(@RequestBody NotificationParent objs) {
    ...
    return new ResponseEntity<NotificationParent>(objs, HttpStatus.OK);
}

我认为这是iOS的安全问题，但我不知道.

I am assuming its an iOS security issue, but I have no idea.

推荐答案

我认为您的假设是正确的-一个iOS安全问题.在iOS中，有一种称为应用程序传输安全性"的应用程序，默认情况下不允许通过HTTP进行连接以及使用自签名证书进行连接.

I think your assumption is correct-- an iOS security issue. In iOS there is something called App Transport Security that disallows, by default, connections over HTTP and connections with self-signed certificates.

您必须添加

<key>NSAppTransportSecurity</key>
<dict>
  <key>NSAllowsArbitraryLoads</key>
  <true/>
</dict>

转到项目的Info.plist，以允许您进行自签名访问.

to the Info.plist of your project to allow your self-signed traffic.

有关更多信息，请参见此答案以及以下链接.

See this answer as well as the below links for more info.

http://blog.ionic.io/preparing-for-ios- 9/

https://gist.github.com/mlynch/284699d676fe9ed0abfa

https://developer.apple.com/library/prerelease/content/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW33

这篇关于HTTPS请求仅在iOS Ionic 2上失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！