NSURLConnection在https上的安全性如何 [英] how secure is NSURLConnection over https
问题描述
我已经阅读了本网站上有关NSURLConnection和https的许多问题,但大多数问题都与不受信任的"证书以及如何允许它们有关.我的问题比较基本.我正在为处理在线捐赠的客户构建一个应用程序,我想使用NSLURLRequest加载他们的捐赠脚本并过帐信用卡详细信息的值(在应用程序中输入).当将这些详细信息发送到我的客户端服务器上的捐赠脚本时,NSURLConnection(在连接到https URL时)是否确保对这些详细信息进行加密?抱歉,如果这是一个基本问题,我只是无法在苹果文档中找到保证这一点的地方.
I've been reading through a number of questions on this site regarding NSURLConnection and https, but most relate to "untrusted" certificates and how to allow them nonetheless. My question is a little more basic. I am building an app for a client who handle online donations, and I would like to load their donation script using an NSLURLRequest and POST the values of credit card details (entered in the app). Does NSURLConnection (when connecting to a https url) ensure the encryption of those details as they are sent to the donation script on my clients server? Sorry if this is a basic question, I just couldn't find a place in the apple docs that guaranteed this.
推荐答案
要求使用受信任的证书可以防止假冒和中间人攻击.加密将达到服务器要求的安全性.
Requiring trusted certificates prevents impersonation and man-in-the-middle attacks. The encryption will be as secure as the server requires.
这篇关于NSURLConnection在https上的安全性如何的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!