how to submit a password with special characters f

2019-07-26 18:07发布

站内问答 / 前沿技术
1068 1 5

I have to login with my to a web-server.All works fine, but not generated passwords like |%<">{}¥^~ . How I have to encode passwords like this?

I create a User with password=|%<">{}¥^~ doset work ( for example a password like "user1234" works fine)

NSString *userName = self.usernameOutlet.text;
NSString *userPassword = self.passwordOutlet.text;
NSString *escapedString = [self.passwordOutlet.text stringByAddingPercentEncodingWithAllowedCharacters:[NSCharacterSet URLHostAllowedCharacterSet]];
userPassword = escapedString;
NSString *post = [NSString stringWithFormat:@"login=%@&password=%@",userName,userPassword];
NSData *postData = [post dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];
NSString *postLength = [NSString stringWithFormat:@"%lu",(unsigned long)[postData length]];
NSMutableURLRequest *request = [[NSMutableURLRequest alloc] init];
[request setURL:[NSURL URLWithString:@"http://XXXXXXXX/login"]];
[request setHTTPMethod:@"POST"];
[request setValue:postLength forHTTPHeaderField:@"Content-Length"];
[request setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"];
[request setHTTPBody:postData];
NSURLConnection *conn = [[NSURLConnection alloc] initWithRequest:request delegate:self];

with passwords like "user1234" I get a cookie

with passwords like "|%<">{}¥^~" I get no cookie

what am I doing wrong?

1条回答
混吃等死
2楼-- · 2019-07-26 18:37

It’s tempting to want to use URLQueryAllowedCharacterSet, but that won’t work for all strings. Notably & and + will pass unescaped.

If you’re wondering why we must percent escape & and +, too, it’s because these two characters have a special meaning in x-www-form-urlencoded requests. The & is used to delimit key-value pairs in a x-www-form-urlencoded request, so it will truncate your password. And most web services translate a + to a space, so you’ll want to percent escape that, too.

So, let’s first define a character set that will work:

// NSCharacterSet+URLQueryValueAllowed.h

@interface NSCharacterSet (URLQueryValueAllowed)

@property (class, readonly, copy) NSCharacterSet *URLQueryValueAllowedCharacterSet;

@end

and 

// NSCharacterSet+URLQueryValueAllowed.m

@implementation NSCharacterSet (URLQueryValueAllowed)

+ (NSCharacterSet *)URLQueryValueAllowedCharacterSet {
    static dispatch_once_t onceToken;
    static NSCharacterSet *queryValueAllowed;
    dispatch_once(&onceToken, ^{
        NSMutableCharacterSet *allowed = [[NSCharacterSet URLQueryAllowedCharacterSet] mutableCopy];
        NSString *generalDelimitersToEncode = @":#[]@";   // does not include "?" or "/" due to RFC 3986 - Section 3.4
        NSString *subDelimitersToEncode = @"!$&'()*+,;=";

        [allowed removeCharactersInString:generalDelimitersToEncode];
        [allowed removeCharactersInString:subDelimitersToEncode];

        queryValueAllowed = [allowed copy];
    });
    return queryValueAllowed;
}

@end

Then, to make life easier for us, let’s define NSDictionary category for percent encoding a dictionary:

// NSDictionary+PercentEncoded.h

@interface NSDictionary (PercentEncoded)
- (NSString *)percentEncodedString;
- (NSData *)percentEncodedData;
@end

and 

// NSDictionary+PercentEncoded.m

@implementation NSDictionary (PercentEncoded)
- (NSString *)percentEncodedString {
    NSMutableArray<NSString *> *results = [NSMutableArray array];
    NSCharacterSet *allowed = [NSCharacterSet URLQueryValueAllowedCharacterSet];

    for (NSString *key in self.allKeys) {
        NSString *encodedKey = [key stringByAddingPercentEncodingWithAllowedCharacters:allowed];
        NSString *value = [[self objectForKey:key] description];
        NSString *encodedValue = [value stringByAddingPercentEncodingWithAllowedCharacters:allowed];
        [results addObject:[NSString stringWithFormat:@"%@=%@", encodedKey, encodedValue]];
    }
    return [results componentsJoinedByString:@"&"];
}

- (NSData *)percentEncodedData {
    return [[self percentEncodedString] dataUsingEncoding:NSUTF8StringEncoding];
}
@end

Then, your application code can do:

NSDictionary *dictionary = @{@"login": userName, @"password": userPassword};
NSData *body = [dictionary percentEncodedData];
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)