You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@chemistry.apache.org by pw...@apache.org on 2013/05/17 13:38:43 UTC
svn commit: r1483747 -
/chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m
Author: pweschmidt
Date: Fri May 17 11:38:43 2013
New Revision: 1483747
URL: http://svn.apache.org/r1483747
Log:
we can actually use [url host] instead of [url absoluteString] when verifying the host name
Modified:
chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m
Modified: chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m
URL: http://svn.apache.org/viewvc/chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m?rev=1483747&r1=1483746&r2=1483747&view=diff
==============================================================================
--- chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m (original)
+++ chemistry/objectivecmis/trunk/ObjectiveCMIS/Utils/CMISHttpRequest.m Fri May 17 11:38:43 2013
@@ -132,7 +132,7 @@ NSString * const kCMISExceptionVersionin
*/
- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace
{
- BOOL isTrusted = (self.trustedSSLServer && [[self.requestURL absoluteString] hasSuffix:protectionSpace.host]);
+ BOOL isTrusted = (self.trustedSSLServer && [[self.requestURL host] isEqualToString:protectionSpace.host]);
if ([protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust] && !isTrusted)
{
return NO;
@@ -156,7 +156,7 @@ NSString * const kCMISExceptionVersionin
*/
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
{
- BOOL isTrusted = (self.trustedSSLServer && [[self.requestURL absoluteString] hasSuffix:challenge.protectionSpace.host]);
+ BOOL isTrusted = (self.trustedSSLServer && [[self.requestURL host] isEqualToString:challenge.protectionSpace.host]);
if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust] && !isTrusted)
{
[challenge.sender cancelAuthenticationChallenge:challenge];