HTTPS 请求仅在 iOS、Ionic 2 上失败 [英] HTTPS request fails only on iOS, Ionic 2
问题描述
我有一个 Ionic 2 应用程序,它调用一个 Spring Boot API 来向其他设备发送推送通知.API 配置了 HTTPS.
I have an Ionic 2 application that calls a Spring Boot API to send push notifications to other devices. The API is configured with HTTPS.
API POST 请求适用于所有除了 iOS.
The API POST request works on everything except iOS.
我在服务器上的 SSL 证书是自签名的(也许就是这样?).
My SSL certificate on the server is self signed (maybe that's it?).
适用于:
- 离子服务
- 安卓
- 邮递员
- 卷曲
这是请求:
public sendNotificationRequest(title: string, action: string, name: string, tokens: any, notifications: boolean) {
// Check if user turned off notifications
if(!notifications) {
return;
}
let headers = new Headers({'Content-Type': 'application/json'});
headers.append('Authorization', 'Basic ' + btoa(this.username_decrypted + ':' + this.password_decrypted));
let body = this.formObj(tokens, title, action, name);
console.log(body);
this.http.post("https://<some-url>",
body, { headers: headers }
).subscribe((response) => {
console.log("HTTPS RESPONSE");
console.log(response);
}, function(error) {
console.log("HTTPS ERROR");
console.log(error);
});
}
标头响应如下:
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Authorization");
并收到此错误:
{
"_body":
{"isTrusted":true},
"status":0,"ok":false,
"statusText":"",
"headers":{},
"type":3,
"url":null
}
Spring Boot API:
Spring Boot API:
@CrossOrigin
@RequestMapping(value="/notifications", method=RequestMethod.POST, consumes=MediaType.APPLICATION_JSON_VALUE, produces=MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<NotificationParent> sendNotifications(@RequestBody NotificationParent objs) {
...
return new ResponseEntity<NotificationParent>(objs, HttpStatus.OK);
}
我假设这是一个 iOS 安全问题,但我不知道.
I am assuming its an iOS security issue, but I have no idea.
推荐答案
我认为您的假设是正确的 - 一个 iOS 安全问题.在 iOS 中,有一种叫做 App Transport Security 的东西,默认情况下不允许通过 HTTP 连接和使用自签名证书的连接.
I think your assumption is correct-- an iOS security issue. In iOS there is something called App Transport Security that disallows, by default, connections over HTTP and connections with self-signed certificates.
你必须添加
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
到您项目的 Info.plist 以允许您的自签名流量.
to the Info.plist of your project to allow your self-signed traffic.
请参阅此答案以及以下链接以了解更多信息.
See this answer as well as the below links for more info.
http://blog.ionic.io/preparing-for-ios-9/
https://gist.github.com/mlynch/284699d676fe9ed0abfa
这篇关于HTTPS 请求仅在 iOS、Ionic 2 上失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
