Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

In iPhone with Titanium, the webView (Ti.UI.WebView) will only allow content from sites with trusted, verified certificates. A simple modification to the iOS code in the SDK tells the webView to accept all pages regardless of certificate. Refer to instructions on Customizing the Titanium SDK for steps to modify the SDK.

This solution comes from an answer in the Titanium Mobile QA site: http://developer.appcelerator.com/question/120117/webview-ssl-certificate-error---no-way-to-accept-expired-server-certificate---ipad-app#answer-213681

Steps to modify SDK (either Titanium Mobile SDK source or an already build Titanium Mobile SDK):

  1. Open <sdk>/iphone/Classes/TiUIWebView.m (/Library/Application Support/Titanium/mobilesdk/osx/<sdk-version>/iphone/Classes/TiUIWebView.m)
  2. Above @implementation TiUIWebView add:
    Code Block
    @interface NSURLRequest (DummyInterface)
     
    + (BOOL)allowsAnyHTTPSCertificateForHost:(NSString*)host;
     
    + (void)setAllowsAnyHTTPSCertificate:(BOOL)allow forHost:(NSString*)host;
     
    @end
    
  3. Then look for this method -(void)setUrl_:(id)args and modify code to match this:
    Code Block
        if ([self isURLRemote])
        {
     
            NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url];
     
            // Use the private method setAllowsAnyHTTPSCertificate:forHost:
            // to not validate the HTTPS certificate.
            [NSURLRequest setAllowsAnyHTTPSCertificate:YES forHost:[url host]];
     
            [self loadURLRequest:request];
            if (scalingOverride==NO)
            {
                [[self webview] setScalesPageToFit:YES];
            }
        }
    
  4. Rebuild your app (after deleting <project-root>/build/iphone) and you should be able to open all https:// pages in the webview.
Note

Note that this is only necessary for webviews because Ti.Network.HTTPClient has a bool property of validatesSecureCertificate which allows the developer to specify whether or not to allow invalid certs for http requests.