Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Current »

In iPhone with Titanium, the webView (Ti.UI.WebView) will only allow content from sites with trusted, verified certificates. A simple modification to the iOS code in the SDK tells the webView to accept all pages regardless of certificate. Refer to instructions on Building the Titanium SDK for steps to modify the SDK.

This solution comes from an answer in the Titanium Mobile QA site: http://developer.appcelerator.com/question/120117/webview-ssl-certificate-error---no-way-to-accept-expired-server-certificate---ipad-app#answer-213681

Steps to modify SDK (either Titanium Mobile SDK source or an already build Titanium Mobile SDK):

  1. Open <sdk>/iphone/Classes/TiUIWebView.m (/Library/Application Support/Titanium/mobilesdk/osx/<sdk-version>/iphone/Classes/TiUIWebView.m)
  2. Above @implementation TiUIWebView add:
    @interface NSURLRequest (DummyInterface)
     
    + (BOOL)allowsAnyHTTPSCertificateForHost:(NSString*)host;
     
    + (void)setAllowsAnyHTTPSCertificate:(BOOL)allow forHost:(NSString*)host;
     
    @end
    
  3. Then look for this method -(void)setUrl_:(id)args and modify code to match this:
        if ([self isURLRemote])
        {
     
            NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url];
     
            // Use the private method setAllowsAnyHTTPSCertificate:forHost:
            // to not validate the HTTPS certificate.
            [NSURLRequest setAllowsAnyHTTPSCertificate:YES forHost:[url host]];
     
            [self loadURLRequest:request];
            if (scalingOverride==NO)
            {
                [[self webview] setScalesPageToFit:YES];
            }
        }
    
  4. Rebuild your app (after deleting <project-root>/build/iphone) and you should be able to open all https:// pages in the webview.

Note that this is only necessary for webviews because Ti.Network.HTTPClient has a bool property of validatesSecureCertificate which allows the developer to specify whether or not to allow invalid certs for http requests.

  • No labels