I'm trying to make a URL request to my server but the request needs to go through a proxy (IP address, not used for authentication). Can anyone get me any pointers on how to achieve this?
Can I programatically set a proxy for an URL request?
thanks
Thomas
You can set/enable HTTP proxy on you mac(development) machine and try the app on the simulator. I did this for one of my apps.
I am not sure how to do it programatically.
Related
Fiddler doesn't show outgoing API requests.
Using IFEO debugger shows localhost requests that are not usefull for me, I need actual domains.
Someone told me that client ignores windows proxy and i need application proxy but client has protection against it so there's even more to it.
Has anyone tracked lol/riot's requests before and know how to do that?
I came across a challenge that can't seem to find a way to handle. I have a software that runs a camera system. This software is only capable of sending a POST requests. It allows me to type in the host IP, user name, password and a body of a request. I wanted to send an http request to close/open an output on one of the cameras, but from the camera manufacturer API documentation the only way to close an output via http request is to send a request with PUT method. Is there a way to change a method of a request from the body of the request, or from the host IP field? Or maybe there is a standalone software that could act as a proxy to convert that request? Finally if there's no solution out of the box does anybody know if I could set up a lightweight server with which I could accept the POST request, analyze it and send it as a PUT request?
Really appreciate your input.
Thank you.
Well if you ask, there surely is burpsuite which can be used to manipulate your http request packet. Just add the port to proxy option and turn the interceptor on so before the request reaches to api you can manipulate the http packet.
Hope this is what you were looking for.
I am making an iPhone app with the aim of connecting to a wifi hotspot.
The connection to the hotspot is made with a https web page.
In order to identify if the web page is a real hotspot, not a fake hotspot to steal logins, I want to check the https certificate of the web page. The web page is loaded in a UIWebview.
Questions : How I can retreive informations about the https certificate ?
EDIT : I think that should be possible with the NSURLConnection but with a UIWebView, I haven't the NSURLConnection object.
Thanks for your answers !
You can't do this with a UIWebView, but you can using the canAuthenticateAgainstProtectionSpace: delegate method for NSURLConnection. You can use this delegate method to create an NSData copy of the certificate you want to verify, and then compare it against a locally stored copy.
That said, as indicated above it doesn't really add much security, and there are better ways of achieving what you want to achieve.
i am making an app in which there is a need of money transaction...
for this i have to send SOAP xml to server but in secure way....
i have been told that i have to create SSL connection first and then send that soap message.....
I know about SOAP very well but no idea about SSL connection...
please provide some help...
Check out NSURLConnection docs on the apple site: NSURLConnection
EDIT: added more info.
You need to set up authentication. A quick search of SO produced these results:
NSURLConnection SSL HTTP Basic Auth and
HTTPS with NSURLConnection - NSURLErrorServerCertificateUntrusted
You need to set up your server to handle authentication, then issue a challenge to the device. As you can see in the above posts, there is a function: didReceiveAuthenticationChallenge:
You need to use this to handle authentication challenges. You can get a good idea of how to go about it using the above posts.
Your server needs to be set up to handle authentication, as well. I don't know what language you use with your server, but as I use PHP, here is the PHP manual link on authentication:
PHP authentication
It is a tricky thing to do at first, but once you get into it isn't bad (and creating more https connections comes easily). However, writing out everything you would need to do here is a bit much. If you scope out those posts, you can get a general idea about how to go about it. It'll take some working to get it done.
Most often this simply means that you have to send data to an HTTPS endpoint. What this also means is that there is a secure connection (done for you automatically) between the client and the server so that the payload (body) of the message is encrypted rather than transmitted in clear text (which is the case with HTTP).
Basically, most times, it is enough just to make sure you're using HTTPS :)
Have a look at http://en.wikipedia.org/wiki/Secure_Sockets_Layer
I need to test a client app on IPhone which connect to a WebServices.
This connection time out is check once/day at 6am.
So, we can only test "time-out" case only once/day.
I want to test more time/day. But I can not change on Web Service because of no authentication.
There a solution to use a proxy server to catch package, change session ID and send to test server. But I don't know how to do it?
Can anyone help me?
Any other solution?
Thanks in advance
For the proxy solution you suggest, I recommend Charles. In Charles you can rewrite both the request and the response from the server.
The Rewrite tool enables you to create rules that modify requests and responses as they pass through Charles. Rules such as adding or changing a header or search and replace some text in the response body.