I'm trying to make a UIWebView application, just like any other (with refresh, go forward, back, google search, etc). It is going to be very simple. One thing I want to do however, is make the data loaded into the UIWebView loaded through a proxy server (like hideMyAss) - so websites like at schools or workplaces become unblocked.
I have been looking for a proxy which enables me to input the website address at the end of a proxy's URL, but I have not found one.
E.g. Hidemyass.com?url=google.com
Does Apple have any documentation as to how I could achieve this. I have no idea where to start looking as I don't know the exact name of what if be looking for. Any suggestions would be really helpful. Thanks!
Create a subclass of NSURLProtocol class that will handle all web protocols such as HTTP, HTTPS, SSL etc. This is a abstract class that provides the basic structure for performing protocol-specific loading of URL data. Guide on NSURLProtocol
Once your created your custom url protocol handler, register it in your appDelegate so your protocol will have priority over any of the built-in protocols.
[NSURLProtocol registerClass:[MyURLProtocol class]];
In terms of proxy, create your own server and implement a ready made solution that will do all your tunneling of client data to outside world. Tinyproxy is a example of a free software that can do your proxy requirements, research others or even create your own solution if you got the time.
Related
I just added SSL to my backend framework (Django REST API) and I want my iOS application to talk to it. Do I have to do anything differently on the iOS side of my project? How do I tell Alamofire to encrypt the data its sending? Or Does it happen automatically?
The only difference is using https instead of http. I have the same setup at work, and originally thought I was going to have to delve into certificates. I started heading in that direction and then realized all my requests worked as soon as I stuck the "s" on the end.
I will say, while using NSStream, you do have to setup the stream to handle the certificate. I am doing this in another application, but that is below the URLRequest class. I am unsure of how low level Alomofire actually delves, but it will definitely handle everything you desire without doing anything differently.
Just update URLs inside your app to use "https" and you are done.
I am finding that when my iOS device automatically configures a proxy, all of my NSURLSessions are using it for downloads/uploads/requests. This becomes a problem when I'm trying to make those requests from other devices on the same local network. I need to disable the proxy that the device autodetects for NSURLSession.
Every post everywhere indicates how to set the proxy dictionary, however, I can't find anywhere how to make sure the NRURLSession doesn't use a proxy.
Any help would be appreciated!
If you provide an empty proxy dictionary when creating the session configuration, NSURLSession should ignore the system-provided proxies in all sessions created with that session configuration.
If you're trying to override it for something where you didn't create the session (e.g. third-party frameworks, web views, etc.), you can usually solve that by creating and registering (globally) an NSURLProtocol that takes the requests and reissues them in your own session (adding some custom header so that you don't keep reissuing the same request in an infinite loop). There are some basic examples of writing custom protocols on Apple's website.
I've read about push-promise in HTTP/2 specs and several other tutorials, and have an idea as a concept.
I've read here in SO why bundling won't be as relevant in upcoming days. So, if I have to incorporate push promise into applications, where is the ideal place to do this. Should it be just before redirecting to the view from the Action method? Or, in the script in the view? As far as I've searched I couldn't find any examples.
Please someone share their experience implementing in the real code. Does it seem like an overhead if you have to support both the protocols?
Also, if I'm using IIS 10, then is there any configuration changes that I should do to support both protocols? [As far as I've read, we don't have to. But always better heed to some experts.]
So, if I have to incorporate push promise into applications, where is the ideal place to do this. Should it be just before redirecting to the view from the Action method? Or, in the script in the view?
I did it in the controller action method while experimenting, but if you have common resources you may want to move it somewhere more fundamental/shared in the pipeline. Anywhere that has access to the HttpResponse object should work. As I noted here, you'll want to use the PushPromise overload that takes in an HTTP method and headers if what you're pushing will vary based on any request headers, e.g. accept-encoding (compression).
Does it seem like an overhead if you have to support both the protocols?
Also, if I'm using IIS 10, then is there any configuration changes that I should do to support both protocols?
You do not need to do anything explicitly to support both protocols; IIS will take care of it. Per David So of Microsoft, "provided the client and server configuration supports HTTP/2, then IIS will use HTTP/2 (or fallback to HTTP/1.1 if not possible)". This is true even if you're using server push: "If the underlying connection doesn’t support push (client disabled push, or HTTP/1.1 client), the call does nothing and returns success, so you can safely call the API without needing to worry about whether push is allowed."
Incidentally, if you want to disable HTTP/2 on Windows Server 2016, you can do so via the registry.
In addition to checking IIS logs, as David So suggested, you can verify HTTP/2 is being used by right-clicking on the headers row (Name, Status, Type, etc.) in Chrome's Network tab and checking off "Protocol"; you'll see "h2" for HTTP/2 responses. You can verify push promises are working by looking at the Chrome HTTP/2 internals page (chrome://net-internals/#http2) and looking at the "Pushed" and "Pushed and claimed" columns for your domain.
I'm having some issues with video requests handled through a special protocol scheme in a NSURLProtocol subclass. Every other resource (images/text) are getting handled correctly, however, when a video request is sent, I only get a call to 'canInitWithRequest' and no follow up. So, my video resource doesn't get resolved. Now, I've looked around and I found no definite solution for this. Some people use instead an embedded HTTP server, but that seems an overkill. Does anyone know if this is a bug or if not, why is this limitation, is there an workaround for it?
A similar issue: Custom NSURLProtocol class for WebView doesn't work when loading video in HTML5 document , but unfortunately without an answer.
#Meda, I was facing the similar issue. Here what I found and hope it is useful to you.
I assume that you are using NSUrlProtocol because you want to intercept the video requests.
I was using web view which makes request for video over HTTP. It goes to NSURLProtocol and makes the request. When it receives the data, webView loads the video rendering plugin (looking at the mime type in HTTP header). The plugin needs the data to come as Partial HTTP response (Response code 206). Further, the plugin does not use NSURLProtocol class but uses network layer below it. So requests that plugin makes, do not go thru NSURLProtocol. Considering this, there could be 2 problems in your case.
1. HTTP server you are using may not be supporting partial responses.
2. HTTP server is not reachable directly (Can you access the video from safari or any other
browser on your device?)
You can verify both the cases by taking network trace. use tcpdump (available on Mac) to take network trace and see what is happening there.
I am trying to reduce the load on my webservers by adding an "Image server" (a dedicated server for handling image requests), and redirecting all requests for .gif,.jpg,.png etc., to it.
My question is, what is the best way to handle the redirection?
At the firewall level? (can I do this using iptables?)
At the load balancer level? (can ldirectord handle this?)
At the apache level - using rewrite rules?
Thanks for any suggestions on the best way to do this.
--Update--
One thing I would add is that these are domains that are hosted for 3rd parties, so I can't expect all the developers to modify their code and point their images to another server.
The further up the chain you can do it, the better.
Ideally, do it at the DNS level by using a different domain for your images (eg imgs.example.com)
If you can afford it, get someone else to do it by using a CDN (Content delivery network).
-Update-
There are also 2 featuers of apache's mod_rewrite that you might want to look at. They are all described well at http://httpd.apache.org/docs/1.3/misc/rewriteguide.html.
The first is under the heading "Dynamic Miror" in the above document, that uses the mod_rewrite Proxy flag [p]. This lets your server silently fetch files from another domain and return them.
The second is to just redirect the request to the new domain. This second option puts less strain on your server, but requests still need to come in and it slows down the final rendering of the page, as each request needs to make an essentially redundant request to your server first.
i agree with rikh. If you want images to be served from a different webserver, then serve them on a different web-server. For example:
<IMG src="images/Brett.jpg">
becomes
<IMG src="http://brettnesbitt.akamia-technologies.com/images/Brett.jpg">
Any kind of load balancer will still feed the image from the web-server's pipe, which is what you're trying to avoid.
i, of course, know what you really want. What you really want is for any request like:
GET images/Brett.jpg HTTP/1.1
to automatically get converted into:
HTTP/1.1 307 Temporary Redirect
Location: http://brettnesbitt.akamia-technologies.com/images/Brett.jpg
this way you don't have to do any work, except copy the images to the other web-server.
That i really don't know how to do.
By using the phrase "NAT", it implies that the firewall/router receives HTTP requests, and you want to forward the request to a different internal server if the HTTP request was for image files.
This then begs the question about what you're actually trying to save. No matter which internal web-server services the HTTP request, the data is still going to have to flow through the firewall/router's pipe.
The reason i bring it up is because the common scenario when someone wants to serve images from a different server is because they want to split up high-bandwidth, mostly static, low-CPU cost content from their actual logic.
Only using NAT to re-write the packet and send it to a different server will not work towards that common issue.
The other reason might be because images are not static content on your system, and a request to
GET images/Brett.jpg HTTP/1.1
actually builds an image on the fly, with a high-CPU cost, or only using with data available (i.e. SQL Server database) to ServerB.
If this is the case then i would still use a different server name on the image request:
GET http://www.brettsoft.com/default.aspx HTTP/1.1
GET http://imageserver.brettsoft.com/images/Brett.jpg HTTP/1.1
i understand what you're hoping for, with network packet inspection to override the NAT rule and send it to another server - i've never seen any such thing that can do that.
It sounds more "proxy-ish", where the web-proxy does this. (i.e. pfSense and m0n0wall can't do it)
Which then leads to a kind of solution we used once: a custom web-server that analyzes the request, makes the appropriate request off some internal server, and binary writes the response to the client.
That pain in the ass solution was insisted upon by a "security consultant", who apparently believes in security through obscurity.
i know IIS cannot do such things for you itself - i don't know about other web-server products.
i just asked around, and apparently if you wanted to write a custom kernel module for you linux based router, you could have it inspect packets and take appropriate action. Such a module might exist. There are, apparently, plenty of other open-sourced modules to use as a starting point.
But i'd rather shoot myself in the head.