iOS：可以直接在Safari中打开NSURLRequest吗？ [英] iOS: Is it possible to open NSURLRequest directly in Safari?

问题描述

我不是在谈论 UIWebView ，我想使用 NSURLRequest 打开移动版Safari应用程序。

I'm not talking about a UIWebView, I want to open the mobile safari app using an NSURLRequest.

为什么？在我的应用程序中，用户已登录我们的Web服务器。我想让用户选择启动网页而无需重新输入凭据。但是，我不能使用 GET 因为这会将他们的凭据放在URL中。

Why? In my app, the user has already logged into our web server. I want to give the user the option of launching the webpage without having to reenter their credentials. However, I can't use a GET because that would put their credentials in the URL.

所以，可以我使用 NSURLRequest 或从我的应用程序打开safari应用程序（不是 UIWebView ） POST 以其他形式？

So, can I open the safari app (not a UIWebView) from my app with an NSURLRequest or a POST in some other form?

推荐答案

我要把我的脖子放在线上说不 - 没有办法直接将 NSURLRequest 传递给Safari。 iOS上的（主要）应用程序间通信介质是访问URL;没有将对象从一个应用程序传递到另一个应用程序的通用机制。

I'm going to put my neck on the line and say no — there's no way to pass an NSURLRequest directly to Safari. The (primary) inter-application communication medium on iOS is to access URLs; there's no general mechanism for passing objects from one application to another.

我认为你能做的最好的事情就是获取一次性密钥，然后使用URL中的内容弹出到Safari中。并且，如果可以，通过HTTPS执行此操作，以便只有在TLS协商成功后，URL路径和查询组件才可见。这应该阻止任何其他人看到相关的凭据，并阻止它们有用，即使它们是通过其他方式获得的（例如你旁边有人从屏幕复制URL）。

I think the best you're going to be able to do is to fetch a one-time key from your web server in the app, then pop into Safari with that in the URL. And, if you can, do that via HTTPS so that the URL path and query components are only visible once TLS negotiation has succeeded. That should stop anybody else from seeing the relevant credentials and stop them from being useful even if they're obtained by some other means (such as somebody next to you copying the URL from your screen).

这篇关于iOS：可以直接在Safari中打开NSURLRequest吗？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！