6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"Is NSURLCredential secure over https?\",\"text\":\"

Is NSURLCredential a safe way to send a password over a https connection when responding to a authentication challenge? I assume that this sends the user name and password in a safe way, aka. encrypted and not just as parameters in the url - is this correct?

\\n\\n

Thanks for the responses!

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"Aaron\"},\"upvoteCount\":0,\"answerCount\":2,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"

Yes, Yes it is.\\nNSURLCredential is secure if you answer the delegate method properly.

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"Elak Wish\"},\"upvoteCount\":0}}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","iphone",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/iphone/1","children":"iphone"}]}],["$","span","objective-c",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/objective-c/1","children":"objective-c"}]}],["$","span","cocoa",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/cocoa/1","children":"cocoa"}]}],["$","span","security",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/security/1","children":"security"}]}],["$","span","https",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/https/1","children":"https"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/1571303f6ec6269a6893581a639a2056?s=256&d=identicon&r=PG","alt":"Aaron","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/925454/aaron","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Aaron"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",71]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"Is NSURLCredential secure over https?"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

\n\n

Thanks for the responses!

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",0]}],["$","p",null,{"children":["Views: ",817]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",2,")"]}],[["$","div","7682849",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/047fd4e08918cbcceb6f7a88ff9a8f9c?s=256&d=identicon&r=PG","alt":"Elak Wish","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/975916/elak-wish","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Elak Wish"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",26]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

Yes, Yes it is.\nNSURLCredential is secure if you answer the delegate method properly.

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",0]}]}]]}],["$","div","7676254",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/7d693ab2c70b2d8ef8fa6051472f90ef?s=256&d=identicon&r=PG","alt":"user170317","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/979895/user170317","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"user170317"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",1202]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

If you answer the delegate method, it is passed securely.

\n\n

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {\nNSString *user = you user\nNSString *password = you pass;\n\nNSURLCredential *credential = [NSURLCredential credentialWithUser:user\n                                                         password:password\n                                                      persistence:NSURLCredentialPersistenceForSession];\n[[challenge sender] useCredential:credential forAuthenticationChallenge:challenge];\n\n}\n

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",1]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","27670056",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/27670056","className":"text-blue-600 hover:underline","children":"NSURLSession and HTTPS"}]}],["$","li","26395327",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/26395327","className":"text-blue-600 hover:underline","children":"iOS NSURLConnection with NSURL with https:// is using TLS or SSL"}]}],["$","li","7171727",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/7171727","className":"text-blue-600 hover:underline","children":"Is NSURLRequest post to HTTPS URL Secure?"}]}],["$","li","19304703",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/19304703","className":"text-blue-600 hover:underline","children":"Is NSURLConnection willSendRequestForAuthenticationChallenge secure"}]}],["$","li","501231",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/501231","className":"text-blue-600 hover:underline","children":"Can I use NSURLCredentialStorage for HTTP Basic Authentication?"}]}],["$","li","935722",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/935722","className":"text-blue-600 hover:underline","children":"How to use HTTPS with NSURLConnection?"}]}],["$","li","4776397",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/4776397","className":"text-blue-600 hover:underline","children":"How to use NSURLRequest and NSURLConnection over a secure connection? (HTTPS)"}]}],["$","li","4164846",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/4164846","className":"text-blue-600 hover:underline","children":"NSURLCredentialStorage and client certificate authentication"}]}],["$","li","2940849",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/2940849","className":"text-blue-600 hover:underline","children":"how secure is NSURLConnection over https"}]}],["$","li","1578121",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/1578121","className":"text-blue-600 hover:underline","children":"HTTPS with NSURLConnection - NSURLErrorServerCertificateUntrusted"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

Is NSURLCredential secure over https?

Answers (2)

Related Questions