科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>javascript - Change origin of WKWebView in iOS app - Stack Overflow

    javascript - Change origin of WKWebView in iOS app - Stack Overflow

    programmeradmin0浏览0评论

    I have an iOS hybrid app centred around a WKWebView loading local web assets with loadFileURL. The WKWebView municates over HTTPS to a backend API with jQuery.ajax. The app is mobile-only and I want the API to also be "mobile-only". That is, I want to block browsers such as Chrome and Firefox from using the API.

    My strategy is to set the Access-Control-Allow-Origin header on API responses as follows:

    Access-Control-Allow-Origin: app://myApp

    Can I change the origin of the WKWebView to app://myApp to avoid browsers from querying the API?

    I have an iOS hybrid app centred around a WKWebView loading local web assets with loadFileURL. The WKWebView municates over HTTPS to a backend API with jQuery.ajax. The app is mobile-only and I want the API to also be "mobile-only". That is, I want to block browsers such as Chrome and Firefox from using the API.

    My strategy is to set the Access-Control-Allow-Origin header on API responses as follows:

    Access-Control-Allow-Origin: app://myApp

    Can I change the origin of the WKWebView to app://myApp to avoid browsers from querying the API?

    • javascript
    • ios
    • wkwebview
    Share Improve this question edited Mar 27, 2016 at 23:04 Randomblue asked Mar 5, 2016 at 18:18 RandomblueRandomblue 116k150 gold badges362 silver badges557 bronze badges
    Add a ment  | 

    1 Answer 1

    Reset to default 5

    Case:1

    You can inject a JS into WKWebview at time of document creation or document finished loading and hook the java script XMLHTTPRequest open method with your custom implementation to add this custom header for all the AJAX requests from WKWebView.

    example code

    NSString *XMLHTTPRequestHookJSPath = [[NSBundle mainBundle] pathForResource:@"XMLHTTPRequestHook.js" ofType:nil];
NSString *kXMLHTTPRequestHookJS = [NSString stringWithContentsOfFile:XMLHTTPRequestHookJSPath encoding:NSUTF8StringEncoding error:NULL];
WKUserContentController *contentController = [[WKUserContentController alloc] init];
WKUserScript *script = [[WKUserScript alloc] initWithSource:kXMLHTTPRequestHookJS injectionTime:WKUserScriptInjectionTimeAtDocumentEnd forMainFrameOnly:NO];
[contentController addUserScript:script];
WKWebViewConfiguration *configuration = [[WKWebViewConfiguration alloc] init];
configuration.userContentController = contentController;

self.lastUsedWebView = [[WKWebView alloc] initWithFrame:self.webContainerView.bounds configuration:configuration];
self.lastUsedWebView.navigationDelegate = self;

    And in the XMLHTTPRequestHook.js try to hook XMLHttpRequest with your custom implementation to add this custom header and call back the original open method.

    Case 2 If you want this header to be added while loading the URLRequest in WKWebview , you can add this header to NSMutableRequest as below and load this request in WKWebview. However with this method you may not have this header in all the AJAX calls from WKWebview.

    example code:

    WKWebView * webView = /*set up your webView*/
NSMutableURLRequest * request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@"http://example./index.html"]];
[request addValue:@"app://myApp" forHTTPHeaderField:@"Access-Control-Allow-Origin"];

// use stringWithFormat: in the above line to inject your values programmatically
[webView loadRequest:request];

    Hope this helps.

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论