iOS開發(fā)之cookie
原創(chuàng)?面壁者LOGIC?發(fā)布于2018-12-19 19:01:42 ?
本文鏈接:https://blog.csdn.net/Bolted_snail/article/details/85105524
最近公司項(xiàng)目安全檢查檢測(cè)到緩存中的用戶名和密碼撑螺,雖然已經(jīng)加密泉孩,但還是不安全邪铲;所以公司要求用cookie或者token去請(qǐng)求數(shù)據(jù)瘾英。由于公司項(xiàng)目比較老,里面既用了ASIHTTPRequest框架厨内,又用了AFNetworking框架,發(fā)現(xiàn)其實(shí)這兩個(gè)框架默認(rèn)都是自動(dòng)保持cookie的,我們不用去刻意處理它(獲取與上傳)琅拌。但是由于想搞清楚還是研究了一下cookie,并用NSURLSession?摘刑、ASIHTTPRequest进宝、?AFNetworking自己手動(dòng)管理cookie。
cookie: 是網(wǎng)站服務(wù)端為了辯別用戶身份枷恕,在服務(wù)器端生生成并存儲(chǔ)在用戶本地終端(電腦党晋、手機(jī))上的數(shù)據(jù)。其實(shí)cookie主要是用來免密登錄的徐块,我們這只是通過用戶名和密碼獲取一個(gè)身份令牌未玻,用于后面的接口調(diào)用,更像是token胡控。
NSHTTPCookieStorage提供了管理所有NSHTTPCookie對(duì)象的接口扳剿,在OS X里,cookie是在所有程序中共享的,而在iOS中,cookie只在當(dāng)當(dāng)前應(yīng)用中有效铜犬。舞终。Session Cookie(SessionOnly返回YES的Cookie)只能在單一進(jìn)程中使用。
NSHTTPCookieStorage可以獲取癣猾,刪除敛劝,設(shè)置單例里面的cookies,設(shè)置cookie的管理策略等纷宇。
//只讀的單例對(duì)象
@property(class, readonly, strong) NSHTTPCookieStorage *sharedHTTPCookieStorage;
//獲取里面的cookie對(duì)象數(shù)組
@property (nullable , readonly, copy) NSArray<NSHTTPCookie *> *cookies;
//添加cookie
- (void)setCookie:(NSHTTPCookie *)cookie;
//刪除cookie
- (void)deleteCookie:(NSHTTPCookie *)cookie;
//刪除某個(gè)日期之前的cookie
- (void)removeCookiesSinceDate:(NSDate *)date API_AVAILABLE(macos(10.10), ios(8.0), watchos(2.0), tvos(9.0));
//設(shè)置cookie的管理策略
@property NSHTTPCookieAcceptPolicy cookieAcceptPolicy;
//獲取對(duì)應(yīng)url返回的cookie數(shù)組
- (nullable NSArray<NSHTTPCookie *> *)cookiesForURL:(NSURL *)URL;
NSHTTPCookie里面有個(gè)properties的屬性夸盟,其組成如下:
<__NSArrayM0x283bec540>(<NSHTTPCookieversion:0name:JSESSIONIDvalue:A0787301B667F5E1C7B5BABAAE58B104expiresDate:'(null)'created:'2018-12-27 02:39:06 +0000'sessionOnly:TRUEdomain:192.168.1.121partition:nonesameSite:nonepath:/innerisSecure:FALSEisHTTPOnly:YES path:"/inner"isSecure:FALSE isHTTPOnly:YES>,<NSHTTPCookieversion:0name:tokenvalue:1545878346436_111_cd90cdd1-9938-4e18-8ccd-79ad54d5527cexpiresDate:'2019-01-26 02:39:06 +0000'created:'2018-12-27 02:39:06 +0000'sessionOnly:FALSEdomain:192.168.1.121partition:nonesameSite:nonepath:/innerisSecure:FALSE path:"/inner"isSecure:FALSE>)
name必選規(guī)定 cookie 的名稱
value必選規(guī)定 cookie 的值
expire可選規(guī)定 cookie 的有效期
path可選規(guī)定 cookie 的服務(wù)器路徑,只有該路勁下的文件接口才能使用
domain可選規(guī)定 cookie 的域名
secure可選規(guī)定是否通過安全的 HTTPS 連接來傳輸 cookie
其中sessionOnly:TRUE的cookie是后臺(tái)服務(wù)器自動(dòng)創(chuàng)建的。
cookie和session默認(rèn)都是后臺(tái)創(chuàng)建像捶,后端會(huì)將cookie放在在response的header中返回給前端上陕,將session緩存在服務(wù)器中桩砰;前端獲取到cookie可以自己手動(dòng)保存,也可以交給NSHTTPCookieStorage單例來保存释簿;前端將cookie放在request的header中傳給服務(wù)器,服務(wù)器會(huì)去查對(duì)應(yīng)的session亚隅,然后去交換獲得用戶信息(用戶登錄ID等)請(qǐng)求接口,這就是整個(gè)cookie獲取庶溶、設(shè)置和請(qǐng)求數(shù)據(jù)的流程煮纵。
獲取cookie的幾種方法:
//方式1 :? NSHTTPCookie獲取cookieNSArray*array=[NSHTTPCookie cookiesWithResponseHeaderFields:httpresponse.allHeaderFields forURLresponse.URL];for(NSHTTPCookie*cookieinarray){//保存到sharedHTTPCookieStorage中[[NSHTTPCookieStorage sharedHTTPCookieStorage]setCookie:cookie];}//方式2:NSHTTPURLResponse獲取NSHTTPURLResponse*httpresponse=(NSHTTPURLResponse*)response;NSDictionary*dic=httpresponse.allHeaderFields;//獲取cookie字符串NSString*cookiesStr=[dic valueForKey:@"Set-Cookie"];//方式3:NSHTTPCookieStorage獲取cookieNSArray*cookies=[[NSHTTPCookieStorage sharedHTTPCookieStorage]cookiesForURL:response.URL];
多個(gè)cookie的格式通常為:cookie1=value1; cookie2=value2; cookie3=value3; 這里特別要注意,多個(gè)cookie之間用分號(hào)+空格分隔開偏螺,不是&也不是單純的空格行疏。我所了解到的iOS設(shè)置Cookie的方法有兩種。
設(shè)置cookie方式1:NSDictionary * dic = httpresponse.allHeaderFields;返回的字典有個(gè)"Set-Cookie"的字符串值就是多個(gè)cookie的默認(rèn)樣式套像,我們獲取到后可以直接設(shè)置cookie到request的 header中酿联。
{
? ? "Cache-Control" = "no-cache,must-revalidate";
? ? "Content-Length" = 7;
? ? Date = "Thu, 27 Dec 2018 07:11:51 GMT";
? ? Expires = "Thu, 01 Jan 1970 00:00:00 GMT";
? ? Pragma = "no-cache";
? ? Server = "Apache-Coyote/1.1";
? ? "Set-Cookie" = "JSESSIONID=D6F65DA599B3B6B22C1927C5D85B53F0; Path=/inner; HttpOnly, token=1545894711778_111_17906b71-9c77-48c5-8e5a-b9e52522a538; Expires=Sat, 26-Jan-2019 07:11:51 GMT; Path=/inner";
}
NSString * cookiesStr = [dic valueForKey:@"Set-Cookie"];
//設(shè)置cookies
[request setValue:cookiesaStr forHTTPHeaderField:@"Cookie"];
設(shè)置cookie方式2:構(gòu)建多個(gè)NSHTTPCookie實(shí)例對(duì)象的數(shù)組,根據(jù)NSHTTPCookie實(shí)例數(shù)組生成對(duì)應(yīng)的HTTP cookie header夺巩,設(shè)置cookie到request的header中贞让。
NSDictionary *properties1 = [NSDictionary dictionaryWithObjectsAndKeys:
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? @"domain.com", NSHTTPCookieDomain,
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? @"/", NSHTTPCookiePath,
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? @"userid", NSHTTPCookieName,
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? strUserId, NSHTTPCookieValue,
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? nil];
? ? NSDictionary *properties2 = [NSDictionary dictionaryWithObjectsAndKeys:
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? @"domain.com", NSHTTPCookieDomain,
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? @"/", NSHTTPCookiePath,
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? @"pid", NSHTTPCookieName,
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? pid, NSHTTPCookieValue,
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? nil];
? ? NSHTTPCookie *cookie1 = [NSHTTPCookie cookieWithProperties:properties1];
? ? NSHTTPCookie *cookie2 = [NSHTTPCookie cookieWithProperties:properties2];
? ? NSArray* cookies = [NSArray arrayWithObjects: cookie1, cookie2, nil];
? ? //根據(jù)NSHTTPCookie實(shí)例數(shù)組生成對(duì)應(yīng)的HTTP cookie header
? ? NSDictionary * headers = [NSHTTPCookie requestHeaderFieldsWithCookies:cookies];
? ? //設(shè)置cookie到header中
? ? request.allHTTPHeaderFields = headers;
NSURLSession中有兩個(gè)+ (NSURLSession *)sessionWithConfiguration:(NSURLSessionConfiguration *)configuration;初始化方法,這個(gè)configuration可以給NSURLSession實(shí)例對(duì)象配置一下屬性策略等,與cookie有關(guān)的屬性有下:
//發(fā)送請(qǐng)求時(shí)是否設(shè)置cookie
@property BOOL HTTPShouldSetCookies;
//設(shè)置cookie的接收策略
@property NSHTTPCookieAcceptPolicy HTTPCookieAcceptPolicy;
typedef NS_ENUM(NSUInteger, NSHTTPCookieAcceptPolicy) {
? ? NSHTTPCookieAcceptPolicyAlways,//接收所有的cookie,默認(rèn)策略.
? ? NSHTTPCookieAcceptPolicyNever,//不接收所有的cookie
? ? NSHTTPCookieAcceptPolicyOnlyFromMainDocumentDomain//只接收main document domain中的cookie.
};
//保存設(shè)置cookie的劲够,如果不設(shè)置默認(rèn)是[NSHTTPCookieStorage sharedHTTPCookieStorage]震桶,設(shè)置為nil管理cookie
@property (nullable, retain) NSHTTPCookieStorage *HTTPCookieStorage;
所以NSURLSession多了一種設(shè)置cookie的方式,只要設(shè)置了HTTPCookieStorage屬性就可以自動(dòng)設(shè)置了cookie征绎。
1.使用系統(tǒng)管理cookie的類NSHTTPCookieStorage管理cookie
我們請(qǐng)求完成后必須手動(dòng)將cookie保存到[NSHTTPCookieStorage sharedHTTPCookieStorage]中蹲姐,不會(huì)自動(dòng)將響應(yīng)體header中的cookie保存,下面是具體實(shí)例人柿。
//獲取cookie
- (void)getCookies1{
? ? NSURL * url = [NSURL URLWithString:@"http://192.168.1.121:8080/inner/mobile/actionSh/Abc!login.action?"];
? ? NSString * post = [NSString stringWithFormat:@"loginId=%@",@"111"];
? ? NSData * postData = [post dataUsingEncoding:NSUTF8StringEncoding];
? ? NSMutableURLRequest * request = [NSMutableURLRequest requestWithURL:url];
? ? request.HTTPMethod = @"POST";
? ? request.HTTPBody = postData;
? ? //defaultSessionConfiguration 使用默認(rèn)session配置柴墩,類似NSURLConnection的標(biāo)準(zhǔn)配置,使用硬盤來存儲(chǔ)緩存數(shù)據(jù)凫岖,會(huì)將緩存江咳、cookie等存在本地
? ? //ephemeralSessionConfiguration 臨時(shí)session配置,與默認(rèn)配置相比哥放,不使用永久持存cookie歼指、證書、緩存的配置甥雕,最佳優(yōu)化數(shù)據(jù)傳輸踩身。
? ? //backgroundSessionConfiguration 后臺(tái)session配置,與默認(rèn)配置類似社露,不同的是會(huì)在后臺(tái)開啟另一個(gè)線程來處理網(wǎng)絡(luò)數(shù)據(jù)
? ? NSURLSessionConfiguration * defultConfiguration = [NSURLSessionConfiguration defaultSessionConfiguration];
? ? //不允許設(shè)置cookie
? ? defultConfiguration.HTTPShouldSetCookies = NO;
? ? //設(shè)置不允許緩存cookiechelue
? ? defultConfiguration.HTTPCookieAcceptPolicy = NSHTTPCookieAcceptPolicyNever;
? ? //清除所有的cookie
? ? for(NSHTTPCookie *cookie in [NSHTTPCookieStorage sharedHTTPCookieStorage].cookies)
? ? {
? ? ? ? [[NSHTTPCookieStorage sharedHTTPCookieStorage] deleteCookie: cookie];
? }
? ? NSLog(@"清除所有的cookies : %@",[NSHTTPCookieStorage sharedHTTPCookieStorage].cookies);
? ? defultConfiguration.HTTPCookieStorage = nil;
? ? NSURLSession * session = [NSURLSession sessionWithConfiguration:defultConfiguration delegate:nil delegateQueue:[NSOperationQueue currentQueue]];
? ? NSURLSessionTask * task = [session dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) {
? ? ? ? NSLog(@"請(qǐng)求完成P琛!!");
? ? ? ? if (!error) {
? ? ? ? ? ? NSString * result = [[NSString alloc]initWithData:data encoding:NSUTF8StringEncoding];
? ? ? ? ? ? if (result) {
? ? ? ? ? ? ? ? NSLog(@"解析成功:%@",result);
? ? ? ? ? ? ? ? NSLog(@"response:%@",response);
? ? ? ? ? ? ? ? NSHTTPURLResponse * httpresponse = (NSHTTPURLResponse *)response;
? ? ? ? ? ? ? ? NSDictionary * dic = httpresponse.allHeaderFields;
//? ? ? ? ? ? ? ? NSString * cookies = [dic valueForKey:@"Set-Cookie"];
//? ? ? ? ? ? ? ? NSLog(@"cookies : %@ --- %@",cookies,[NSThread currentThread]);
//? ? ? ? ? ? ? ? NSArray * NSArray = [[NSHTTPCookieStorage sharedHTTPCookieStorage]cookiesForURL:response.URL];
? ? ? ? ? ? ? ? //獲取cookie
? ? ? ? ? ? ? NSArray * array = [NSHTTPCookie cookiesWithResponseHeaderFields:dic forURL:response.URL];
? ? ? ? ? ? ? ? for (NSHTTPCookie * cookie in array) {
? ? ? ? ? ? ? ? ? ? //保存到sharedHTTPCookieStorage中
? ? ? ? ? ? ? ? ? ? [[NSHTTPCookieStorage sharedHTTPCookieStorage]setCookie:cookie];
? ? ? ? ? ? ? ? }
? ? ? ? ? ? ? NSLog(@"NSHTTPCookieStorage :? %@",[NSHTTPCookieStorage sharedHTTPCookieStorage].cookies);
? ? ? ? ? ? }else{
? ? ? ? ? ? ? ? NSLog(@"解析失敗!!!");
? ? ? ? ? ? }
? ? ? ? }else{
? ? ? ? ? ? NSLog(@"請(qǐng)求失敗 : %@",error.localizedDescription);
? ? ? ? }
? ? }];
? ? [task resume];
}
//設(shè)置cookie
- (void)requestWithCookies1{
? ? NSString * urlStr = @"http://192.168.1.121:8080/inner/mobile/actionSh/Abc!getData.action?";
? ? //encode去掉中午和特殊字符
? ? urlStr = [urlStr stringByAddingPercentEncodingWithAllowedCharacters:[NSCharacterSet URLQueryAllowedCharacterSet]];
? ? NSURL * url = [NSURL URLWithString:urlStr];
? ? NSURLRequest * request = [NSURLRequest requestWithURL:url];
? ? NSURLSessionConfiguration * defultConfiguration = [NSURLSessionConfiguration defaultSessionConfiguration];
? ? defultConfiguration.HTTPShouldSetCookies = YES;
? ? defultConfiguration.HTTPCookieAcceptPolicy = NSHTTPCookieAcceptPolicyAlways;
? ? NSLog(@"NSHTTPCookieStorage :? %@",[NSHTTPCookieStorage sharedHTTPCookieStorage].cookies);
? ? defultConfiguration.HTTPCookieStorage = [NSHTTPCookieStorage sharedHTTPCookieStorage];
? ? NSURLSession * session = [NSURLSession sessionWithConfiguration:defultConfiguration delegate:nil delegateQueue:[NSOperationQueue currentQueue]];
? ? NSURLSessionTask * task = [session dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) {
? ? ? ? NSLog(@"請(qǐng)求完成8礁搿M哑础!");
? ? ? ? if (!error) {
? ? ? ? ? ? NSString * result = [[NSString alloc]initWithData:data encoding:NSUTF8StringEncoding];
? ? ? ? ? ? if (result) {
? ? ? ? ? ? ? ? NSLog(@"解析成功:%@",result);
? ? ? ? ? ? }else{
? ? ? ? ? ? ? ? NSLog(@"解析失敗!!!");
? ? ? ? ? ? }
? ? ? ? }else{
? ? ? ? ? ? NSLog(@"請(qǐng)求失敗 : %@",error.localizedDescription);
? ? ? ? }
? ? }];
? ? [task resume];
}
上面的方法有時(shí)候并不能立即將cookie設(shè)置進(jìn)去坷备,所以我們自己手動(dòng)管理cookie比較保險(xiǎn)熄浓,就是在request的header中設(shè)置cookie,在response的header中獲取到得cookie保存到偏好設(shè)置或單例中自己管理省撑。
//獲取cookie
- (void)getCookies2{
? ? NSURL * url = [NSURL URLWithString:@"http://192.168.1.121:8080/inner/mobile/actionSh/Abc!login.action?"];
? ? NSString * post = [NSString stringWithFormat:@"loginId=%@",@"111"];
? ? NSData * postData = [post dataUsingEncoding:NSUTF8StringEncoding];
? ? NSMutableURLRequest * request = [NSMutableURLRequest requestWithURL:url];
? ? request.HTTPMethod = @"POST";
? ? request.HTTPBody = postData;
? ? NSURLSessionConfiguration * defultConfiguration = [NSURLSessionConfiguration defaultSessionConfiguration];
? ? //不允許設(shè)置cookie
? ? defultConfiguration.HTTPShouldSetCookies = NO;
? ? //不接受cookie
? ? defultConfiguration.HTTPCookieAcceptPolicy = NSHTTPCookieAcceptPolicyNever;
? ? NSURLSession * session = [NSURLSession sessionWithConfiguration:defultConfiguration delegate:nil delegateQueue:[NSOperationQueue currentQueue]];
? ? NSURLSessionTask * task = [session dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) {
? ? ? ? NSLog(@"請(qǐng)求完成S褡椤!丁侄!");
? ? ? ? if (!error) {
? ? ? ? ? ? NSString * result = [[NSString alloc]initWithData:data encoding:NSUTF8StringEncoding];
? ? ? ? ? ? if (result) {
//? ? ? ? ? ? ? ? NSArray * cookies = [[NSHTTPCookieStorage sharedHTTPCookieStorage]cookiesForURL:response.URL];
? ? ? ? ? ? ? ? NSLog(@"解析成功:%@",result);
? ? ? ? ? ? ? ? NSLog(@"response:%@",response);
? ? ? ? ? ? ? ? NSHTTPURLResponse * httpresponse = (NSHTTPURLResponse *)response;
? ? ? ? ? ? ? ? NSDictionary * dic = httpresponse.allHeaderFields;
? ? ? ? ? ? ? ? //獲取cookie字符串
? ? ? ? ? ? ? ? NSString * cookiesStr = [dic valueForKey:@"Set-Cookie"];
? ? ? ? ? ? ? ? NSData * cookiesData = [NSKeyedArchiver archivedDataWithRootObject:cookiesStr];
? ? ? ? ? ? ? ? //保存到偏好設(shè)置中
? ? ? ? ? ? ? ? [[NSUserDefaults standardUserDefaults] setValue:cookiesData forKey:@"BoncUserDefaultsCookie"];
? ? ? ? ? ? ? ? [[NSUserDefaults standardUserDefaults]synchronize];
? ? ? ? ? ? }else{
? ? ? ? ? ? ? ? NSLog(@"解析失敗!!!");
? ? ? ? ? ? }
? ? ? ? }else{
? ? ? ? ? ? NSLog(@"請(qǐng)求失敗 : %@",error.localizedDescription);
? ? ? ? }
? ? }];
? ? [task resume];
}
//設(shè)置cookie
- (void)requestWithCookies2{
? ? NSString * urlStr = @"http://192.168.1.121:8080/inner/mobile/actionSh/Abc!getData.action?";
? ? //encode去掉中午和特殊字符
? ? urlStr = [urlStr stringByAddingPercentEncodingWithAllowedCharacters:[NSCharacterSet URLQueryAllowedCharacterSet]];
? ? NSURL * url = [NSURL URLWithString:urlStr];
? ? NSMutableURLRequest * request = [NSMutableURLRequest requestWithURL:url];
? ? NSData * cookiesData = [[NSUserDefaults standardUserDefaults] valueForKey:@"BoncUserDefaultsCookie"];
? ? NSString * cookiesaStr = [NSKeyedUnarchiver unarchiveObjectWithData:cookiesData];
? ? //設(shè)置cookies
? ? [request setValue:cookiesaStr forHTTPHeaderField:@"Cookie"];
? ? //如果是NSURLRequest,可用下面方式設(shè)置
//? ? request.allHTTPHeaderFields = nil;
? ? NSURLSessionConfiguration * defultConfiguration = [NSURLSessionConfiguration ephemeralSessionConfiguration];
? ? defultConfiguration.HTTPShouldSetCookies = NO;
? ? defultConfiguration.HTTPCookieAcceptPolicy = NSHTTPCookieAcceptPolicyNever;
? ? NSURLSession * session = [NSURLSession sessionWithConfiguration:defultConfiguration delegate:nil delegateQueue:[NSOperationQueue currentQueue]];
? ? NSURLSessionTask * task = [session dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) {
? ? ? ? NSLog(@"請(qǐng)求完成!3住鸿摇!");
? ? ? ? if (!error) {
? ? ? ? ? ? NSString * result = [[NSString alloc]initWithData:data encoding:NSUTF8StringEncoding];
? ? ? ? ? ? if (result) {
? ? ? ? ? ? ? ? NSLog(@"解析成功:%@",result);
? ? ? ? ? ? }else{
? ? ? ? ? ? ? ? NSLog(@"解析失敗!!!");
? ? ? ? ? ? }
? ? ? ? }else{
? ? ? ? ? ? NSLog(@"請(qǐng)求失敗 : %@",error.localizedDescription);
? ? ? ? }
? ? }];
? ? [task resume];
}
AFNetworking是自動(dòng)保持cookie的,我們不用去刻意處理它(獲取與上傳)劈猿,除非你有一些需要拙吉。這里要講的是我們手動(dòng)管理cookie,AFNetworking中并沒有專門為cookie封裝的代碼揪荣,不過底層使用的是NSURLRequest筷黔,所以我們可以獲取到請(qǐng)求時(shí)服務(wù)器返回的cookie,然后保存起來(刪除和保存由我們自己管理),請(qǐng)求時(shí)候設(shè)置到request到header中即可仗颈。
設(shè)置不保持cookie
//默認(rèn)是YES佛舱,cookie會(huì)被存儲(chǔ)在共享的 NSHTTPCookieStorage 容器中
_manager.requestSerializer.HTTPShouldHandleCookies = NO;
獲取cookie,并保存起來
? ? ? // 獲取所有數(shù)據(jù)報(bào)頭信息
? ? ? ? NSHTTPURLResponse *HTTPResponse = (NSHTTPURLResponse *)task.response;
? ? ? ? NSDictionary *fields = [HTTPResponse allHeaderFields];
? ? ? ? // 獲取cookie
? ? ? ? NSString *cookieString = [fields valueForKey:@"Set-Cookie"];
? ? ? ? //保存到偏好設(shè)置中
? ? ? ? [[NSUserDefaults standardUserDefaults] setObject:cookieString forKey:@"BoncUserDefaultsCookie"];
? ? ? ? [[NSUserDefaults standardUserDefaults]synchronize];
設(shè)置cookie
? NSString * cookie = [[NSUserDefaults standardUserDefaults] valueForKey:@"BoncUserDefaultsCookie"];
? ? [self.manager.requestSerializer setValue:cookie forHTTPHeaderField:@"Cookie"];
ASIHTTPRequest是自動(dòng)保持cookie的,如果我們所用cookie請(qǐng)求數(shù)據(jù)挨决,默認(rèn)情況下我們不需要做其他任何操作请祖。不同于AFNetworking的是ASIHTTPRequest對(duì)cookie進(jìn)行了封裝,不管是獲取還是設(shè)置都及其方便脖祈,這里是我們自己管理cookie的做法肆捕。
設(shè)置不保持cookie
//默認(rèn)是YES,cookie會(huì)被存儲(chǔ)在共享的 NSHTTPCookieStorage 容器中盖高,并且會(huì)自動(dòng)被其他request重用慎陵。
request.useCookiePersistence = NO;
//清空session期間創(chuàng)建的所有cookie
//[ASIFormDataRequest setSessionCookies:nil];
//清除session期間產(chǎn)生的所有的cookie和緩存的授權(quán)數(shù)據(jù)。
// [ASIFormDataRequest clearSession];
獲取和保存cookie:
//獲取cookie
NSArray * cookies = [request responseCookies];
//獲取responseHeader
// NSDictionary *headers = [request responseHeaders];
//保存cookie
NSData * cookiesData = [NSKeyedArchiver archivedDataWithRootObject:cookies];
[[NSUserDefaults standardUserDefaults]setValue:cookiesData forKey:@"BoncUserDefaultsCookies"];
[[NSUserDefaults standardUserDefaults]synchronize];
設(shè)置cookie
? ? //依然要設(shè)置不保持cookie喻奥,否則傳遞cookie就不是我們自己保存到cookie
? ? [request setUseCookiePersistence:NO];
? ? //取出cookie
? ? NSData * cookiesData = [[NSUserDefaults standardUserDefaults] valueForKey:@"BoncUserDefaultsCookies"];
? ? NSArray * cookies = [NSKeyedUnarchiver unarchiveObjectWithData:cookiesData];
? ? //設(shè)置cookie
? ? [request setRequestCookies:cookies.mutableCopy];
AFNetworking和ASIHTTPRequest默認(rèn)都是開啟cookie的席纽,并且都是用[NSHTTPCookieStorage sharedHTTPCookieStorage]管理cookie的,所有二者可以通用映凳,我們這里手動(dòng)管理cookie,可以自己控制cookie的生命周期胆筒,避免過期的情況。其實(shí)默認(rèn)情況已經(jīng)夠我們正常使用了,這里需要注意點(diǎn)是默認(rèn)都是開啟cookie的情況下仆救,如在我們登錄獲取cookie時(shí)候抒和,一定要先清除cookie,否則可能出現(xiàn)退出登錄(不退出應(yīng)用)換了個(gè)用戶登錄彤蔽,登錄后的數(shù)據(jù)還是上個(gè)用戶的信息(未清除jsessionID)摧莽,雖然可以交給后臺(tái)取處理(后臺(tái)判斷是不是登錄接口,如果是就不取cookie),但我們客戶端也應(yīng)該處理一下顿痪,避免該錯(cuò)誤的發(fā)生镊辕。
AFNetworking請(qǐng)求登錄接口時(shí)候清除cookie:
AFHTTPSessionManager? * manager =? [AFHTTPSessionManager manager];
[manager.requestSerializer setValue:nil forHTTPHeaderField:@"Cookie"];
//有時(shí)候這樣設(shè)置并不好使,雖然也是在不保持cookie蚁袭,但[NSHTTPCookieStorage sharedHTTPCookieStorage]還是保持了cookie征懈,這樣jsessionID并沒有清除,所以為保險(xiǎn)起見要清空[NSHTTPCookieStorage sharedHTTPCookieStorage]里面的cookies
- (void)clearCookies{
? ? NSHTTPCookieStorage *cookieStorage = [NSHTTPCookieStorage sharedHTTPCookieStorage];
? ? NSArray *_tmpArray = [NSArray arrayWithArray:[cookieStorage cookies]];
? ? for (id obj in _tmpArray) {
? ? ? ? [cookieStorage deleteCookie:obj];
? ? }
}
ASIHTTPRequest請(qǐng)求登錄接口時(shí)候清除cookie:
[ASIFormDataRequest setSessionCookies:nil];
UIWebView和WKWebView的cookie管理機(jī)制
UIWebView會(huì)將NSHttpRequest的所有請(qǐng)求產(chǎn)生的cookie自動(dòng)保存到NSHTTPCookieStorage容器中揩悄,并且在同一個(gè)app內(nèi)多個(gè)UIWebView之間共享卖哎,不需要我們做任何操作,在后續(xù)訪問中會(huì)將?cookie?自動(dòng)帶到request?請(qǐng)求當(dāng)中。
WKWebView的cookie問題在于?WKWebView發(fā)起的請(qǐng)求不會(huì)自動(dòng)帶上存儲(chǔ)于?NSHTTPCookieStorage容器中的Cookie,實(shí)踐發(fā)現(xiàn)WKWebView實(shí)例其實(shí)也會(huì)將cookie存儲(chǔ)于?NSHTTPCookieStorage?中删性,但存儲(chǔ)時(shí)機(jī)有延遲亏娜,在iOS 8上,當(dāng)頁面跳轉(zhuǎn)的時(shí)候蹬挺,當(dāng)前頁面的?cookie?會(huì)寫入NSHTTPCookieStorage中维贺,而在 iOS 10 上,JS 執(zhí)行?document.cookie?或服務(wù)器?set-cookie注入的?cookie會(huì)很快同步到?NSHTTPCookieStorage中,在執(zhí)行?[WKWebView loadReques:]?前將?NSHTTPCookieStorage中的內(nèi)容復(fù)制到?WKHTTPCookieStore中巴帮,以此來達(dá)到?WKWebView cookie注入的目的溯泣。
Demo下載地址:?OS開發(fā)之cookie研究demo
