NSHTTPCookieStorage的共享实例不保存cookies

Question

我正在开发一个应用程序，服务器递给我一个cookie来识别用户。

我的后续请求需要具有该cookie才能获得用户期望的响应。我不能理解的是，NSHTTPCookieStorage的共享实例是如何以及何时丢失cookies的。

我使用的第一个解决方案是在应用程序终止时将cookie从我的服务器存档并保存到用户默认设置，然后在应用程序启动时从我的服务器中清除现有的cookie，并重置我存储的cookie。在开发过程中，我没有遇到问题，因为调试的会话非常短，并且通常不需要将应用程序放在后台。

在beta测试期间，麻烦开始了。我的技巧是不仅在应用程序终止时保存cookies，而且在将这些cookies交回给我的API调用之后也保存。不仅在应用程序启动时加载保存的cookie，而且在应用程序返回到前台时也加载。

NSHTTPCookieStorage share实例如何摆脱这些cookies，以及处理它的最佳实践是什么，因为它是我的应用程序的重要组成部分，如果没有更有经验的开发人员的支持，我不能相信这样一个被黑客攻击的解决方案。

提前感谢您的回答

编辑:下面是保存/读取/清除cookie的方法

-(void)saveStoredCookies
{
    NSURL *httpUrl = @"http://myServer.com";
    NSURL *httpsUrl = @"https://myServer.com";

    NSArray *httpCookies = [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookiesForURL:httpUrl];
    NSData *httpCookiesData = [NSKeyedArchiver archivedDataWithRootObject:httpCookies];
    [[NSUserDefaults standardUserDefaults] setObject:httpCookiesData forKey:@"savedHttpCookies"];

    NSArray *httpsCookies = [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookiesForURL:httpsUrl];
    NSData *httpsCookiesData = [NSKeyedArchiver archivedDataWithRootObject:httpsCookies];
    [[NSUserDefaults standardUserDefaults] setObject:httpsCookiesData forKey:@"savedHttpsCookies"];

    [[NSUserDefaults standardUserDefaults] synchronize];
}

-(void)readStoredCookies
{
    //clear, read and install stored cookies
    NSURL *httpUrl = @"http://myServer.com";
    NSURL *httpsUrl = @"https://myServer.com";

    NSArray *cookies = [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookiesForURL:httpUrl];
    for (NSHTTPCookie *cookie in cookies) {
        [[NSHTTPCookieStorage sharedHTTPCookieStorage] deleteCookie:cookie];
    }
    cookies = [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookiesForURL:httpsUrl];
    for (NSHTTPCookie *cookie in cookies) {
        [[NSHTTPCookieStorage sharedHTTPCookieStorage] deleteCookie:cookie];
    }

    NSData *httpCookiesData = [[NSUserDefaults standardUserDefaults] objectForKey:@"savedHttpCookies"];
    if([httpCookiesData length]) {
        NSArray *savedCookies = [NSKeyedUnarchiver unarchiveObjectWithData:httpCookiesData];
        for (NSHTTPCookie *cookie in savedCookies) {
            [[NSHTTPCookieStorage sharedHTTPCookieStorage] setCookie:cookie];
        }       
    }
    NSData *httpsCookiesData = [[NSUserDefaults standardUserDefaults] objectForKey:@"savedHttpsCookies"];
    if([httpsCookiesData length]) {
        NSArray *savedCookies = [NSKeyedUnarchiver unarchiveObjectWithData:httpsCookiesData];
        for (NSHTTPCookie *cookie in savedCookies) {
            [[NSHTTPCookieStorage sharedHTTPCookieStorage] setCookie:cookie];
        }       
    }
}

-(void)clearStoredCookies
{
    NSURL *httpUrl = @"http://myServer.com";
    NSURL *httpsUrl = @"https://myServer.com";
    NSArray *cookies = [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookiesForURL:httpUrl];
    for (NSHTTPCookie *cookie in cookies) {
        [[NSHTTPCookieStorage sharedHTTPCookieStorage] deleteCookie:cookie];
    }
    cookies = [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookiesForURL:httpsUrl];
    for (NSHTTPCookie *cookie in cookies) {
        [[NSHTTPCookieStorage sharedHTTPCookieStorage] deleteCookie:cookie];
    }
}

Answer 1

解决了！

经过一些简单的调试后，我发现问题出在我在cookiesForURL:中使用的url。我只是开始使用cookies属性，现在它工作得很好。

Answer 2

NSHttpCookieStorage将丢失其cookies，因为您未设置cookies的过期时间。设置过期时间是必要的，否则当您的应用程序退出时，您的cookie将丢失。

下面是我如何在应用程序退出和启动期间存储cookie的快速浏览。

NSMutableDictionary *cookieProperties = [NSMutableDictionary dictionary];
[cookieProperties setObject:name forKey:NSHTTPCookieName];
[cookieProperties setObject:strValue forKey:NSHTTPCookieValue];
[cookieProperties setObject:@"myserver.com" forKey:NSHTTPCookieDomain];    // Without http://
[cookieProperties setObject:@"myserver.com" forKey:NSHTTPCookieOriginURL]; // Without http://
[cookieProperties setObject:@"/" forKey:NSHTTPCookiePath];

// set expiration to one month from now or any future NSDate of your choice
// this makes the cookie sessionless and it will persist across web sessions and app launches
/// if you want the cookie to be destroyed when your app exits, don't set this
[cookieProperties setObject:[[NSDate date] dateByAddingTimeInterval:2629743] forKey:NSHTTPCookieExpires];

NSHTTPCookie *cookie = [NSHTTPCookie cookieWithProperties:cookieProperties];
[[NSHTTPCookieStorage sharedHTTPCookieStorage] setCookie:cookie];

希望这能有所帮助。

Answer 3

这是模拟器吗？和使用滚动曲奇？

在模拟器中，cookie并不像它们应该的那样持续存在，因为它们是与桌面Safari共享的。当cookies翻转时，其中一个最终会覆盖另一个。

这对设备本身来说不是问题，因为每个应用程序都有自己的cookie商店。(说实话，我还没有注意到在Mountain Lion中发生了这种情况。)