I have to make a rest web service call from my ios app, earlier I used ASIHTTPRequest with no ARC in xcode4, but now I have enabled ARC in my app in xcode4.2, please suggest what should I do? is there anything else which i can use to perform web service call?
If you're including the ASI source in your project, then mark the ASI files with -fno-objc-arc in the compile settings for each file. If you're including it as a static library, then you don't need to do anything.
Note that if there are method calls in ASI that don't obey the naming conventions for ownership (e.g. copy/new/alloc etc...) they you'll need to bridge some of the arguments in your method calls.
Check out the following section of this article for more info: http://www.learn-cocos2d.com/2011/11/everything-know-about-arc/#third-party-libraries
Related
I have an Objective-C project whose .ipa was tested with this tool online: https://www.immuniweb.com/mobile
It reports that my app has a high risk security issue, pointing to the canAuthenticateAgainstProtectionSpace in the NSURLConnectionDelegate protocol.
This method has been deprecated by iOS after 8.0 version. My app is not using it directly anywhere and I suppose this is not used by apple also even indirectly, since it is deprecated.
I tried a sample ipa (new project with nothing in it) with Objective-C project and the same issue came for that as well. But it did not come for a sample ipa which supported Swift. Even if this is just a warning, is there a way to fix other than just supporting Swift language only?
The tool has detected that the .h file that defines the NSURLConnectionDelegate protocol declares the canAuthenticateAgainstProtectionSpace function. This is, of course, to be expected.
It would make more sense for the tool to report implementations of the method, not simply declarations of it
Since you haven’t implemented this method you don’t need to worry about flaws in your implementation.
As for getting rid of the issue...Don’t use the tool? It doesn’t seem very good based on this.
Is there an option to tell it not to scan .h files?
TBH it seems like a bug in the tool if not any of your Libraries or Frameworks internally uses that.
In your test for the sample Objective C project it's reported as bug however for a sample swift project it's not reported Hence I guess it's more of bug from the tool side.
I would suggest you to report this issue to them.Hopefully they will get you back with some suggestions.
or
you can try some other pen-testing tools as well.
I try to import a non-arc library(ASIHTTPRequest) to project.
but it reports arc error.
Is there a way to import a non-arc library to arc project?
Your comment welcome
Yes, It is possible to disable ARC for individual files by adding the -fno-objc-arc compiler flag for those files.
You have to add non arc flag -fno-objc-arc in all ASIHttpRequest Classes in ProjectSettings->BuildPhases->Compile Sources
ARC can be disabled on a ASIHTTPRequest files by file basis with the fno-objc-arc flag.
Set the no-objc-arc flag at path ProjectSettings->BuildPhases->Compile Sources->ASIHTTPRequest .m files.
But it is better to use AFNetworking classes for HTTP request handling now.
AFNetworking is best on now days, whereas ASIHTTPRequest is pretty much dead. Additionally, AFNetworking has dozens of great helper libraries and classes available for handling things like OAuth, Amazon S3, and the like.
AFNetworking also available for ARC support.No need to set flag.
I've created a simple lib to use HMAC digest for Swift called "SweetHMAC". This lib is so simple, basically is a wrapper to CommonHMAC.h in Swift.
I can build and deploy any iOS project using SweetHMAC correctly but, seems by some security issue, my approach is not safe. There is the warning I receive after run the iOS tests for example.
warning: linking against dylib not safe for use in application extensions
This code is not safe enough to put in iOS AppStore, and the app can be rejected by that. For OSX, there is no problems.
I know, there are HMAC ports for Swift, but my challenge is to try to enable Swift to use CommonCrypto safely.
I have implemented this project using this approach and works fine!
My question is, how possible is to create and use use modules like CommonCrypto in Swift frameworks safely for iOS?
Looking at the documentation from Apple, the suggestion for said error is to make sure that the option of using "Require Only App-Extension-Safe API" is checked.
To configure an app extension target to use an embedded framework, set the target’s “Require Only App-Extension-Safe API” build setting to Yes. If you don’t, Xcode reminds you to do so by displaying the warning “linking against dylib not safe for use in application extensions”.
Here's the full documentation on extensions
It is also worth noting that parts of the CommonCrypto API might not be available, as per this discussion
I'm creating a static Framework to distribute to other projects. I have some confusion with the design approach for building the framework. I have never built a framework before.
I'm building something similar to AdColony framework where I'll pass some unique id to framework and it will internally call several APIs and it will transfer final output back to the application with proper delegates. And in that AdColony framework only one .h file is public.
I'm wondering some questions:
1) I'm planning to use AFNetworking for all server communication and parsing. So while building framework how I can link my static framework with AFNetworking. AFNetworking headers will be visible in final .framework output ? If external AFNetworking linking is required to my framework so is it a good approach that I'm forcing other developers to include AFNetworking ? Or i have to write down my own basic networking layer ?
2) Can I hide my all wrapper and Model classes and just make 1 class visible to developers for configuration and handling output ?
Apart from above questions if you have some best design approach for building this framework then please do suggest.
1. You can do two things:
Add AFNetworking to your framework. And set the header of the AFNetworking like public headers. You could change some include to create a clean include headers.
Link your framework with AFNetworking, and force other developer to link AFNetworking.
How to know which approach to follow?
I would use the first approach if my framework will provide some Network Layer. And I will maintain my project. The second approach is useful if you only use AFNetworking for your internal implementation. But you will need maintain your framework when AFNetworking change something that you are using.
2 . Yes, you can.
You can set public headers. So, if you want to have only one public class you need to set that header as public. Remember that all the method in the .h are public. So if you want to ensure that no one can call your method, you need to put the method declaration in a category that you will use in your .m
Another suggestion: take a look to this project.
I really wanted to use ASIHTTPRequest do to its easy and already built library. Since it is old code format and in the project I use ARC it doesn't really work. Are there any unofficial updates to it or is there other open source code out there that works well? I just find it very tedious to go back through this code and correct it and such.
Consider using AFNetworking in place of ASIHTTPRequest.
Or just disable ARC for ASIHTTPRequest, see #La boa boa
If your new project uses ARC, you can disable ARC for ASIHTTPRequest. Here's a good answer How can I disable ARC for a single file in a project?
The creator of AFNetworking wrote an adapter in order to ease the transition to AFNetworking from ASIHTTPRequest. See https://github.com/AFNetworking/AFNetworking-ASIHTTPRequest
Hope it helps.
Check this answer
https://stackoverflow.com/a/6658549/975959
It allows you to disable ARC for certain files and thus allowing you to use ASIHTTPRequest.
I've used it with that library successfully.