Re: stringWithContentsOfURL returns nil
Re: stringWithContentsOfURL returns nil
- Subject: Re: stringWithContentsOfURL returns nil
- From: <email@hidden>
- Date: Wed, 06 Feb 2008 00:49:22 +0100
Yes, my client can properly reach that link on my web site using Safari.
http://www.mydomain.com/check.php?sn=123456
He got the response-text on the browser.
Any idea?
Best Regards
--
Lorenzo
email: email@hidden
> From: "I. Savant" <email@hidden>
> Date: Tue, 05 Feb 2008 16:29:32 -0500
> To: email@hidden
> Cc: email@hidden
> Subject: Re: stringWithContentsOfURL returns nil
>
>> The url is a php file always present on my web site.
>> Me and all of my clients can always reach this file.
>
> Okay, so the problem is local to the user.
>
>> Only one client gets a null string. And his firewall on MacOSX 10.4.11 is
>> off. Together with the link I pass some data like the version number, e.g.
>> http://www.mydomain.com/check.php?sn=123456
>
> Looks reasonable.
>
>> Could the computer block just this kind of calls, because they send data?
>> If so, what should I look to fix the trouble? As I have said the client's
>> firewall is off. But, could an extra unknown firewall or control work on his
>> modem?
>
> Sure. There are all kinds of content blockers that can be following
> any number of rules. That's why you need to *test it*.
>
>> Yes, the client generally can see my web pages with Safari.
>> But I can't give him just the link of the php file.
>
> Why not? His app is calling it. Have the user send what the app
> sends. If you're just trying to protect this URL as a "secret", I'd
> advise you to give up that pursuit. The security-through-obscurity
> approach to hiding a URL is ridiculous given Google and the many tools
> an astute power user has at his/her disposal for figuring out what
> pages are being loaded by their computers' apps.
>
> If you really don't want to do this, we really can't help you.
>
>> The php file has the following privileges: rw-r--r--
>> Its parent folder's permissions are: rwx--x--x
>> Are those permissions correct? If not, why do the other clients can properly
>> read the php page?
>
> Irrelevant since you and others can get to this page. Also off-topic
> for cocoa-dev, so we'll leave this one alone and assume it's fine.
>
>> Last, I have tried to call a non existing domain, e.g.
>> http://xxx.oadosa.poiopisadp
>> and I got a null string with a different error message:
>> Error Domain=NSCocoaErrorDomain Code=260 UserInfo=0x14a908f0 "The file
>> ³check.php² does not exist."
>> Instead if I just call a non existing file on my web site I get a 404 error
>> page so the string returned by stringWithContentsOfURL is not null.
>> Then I suppose the trouble comes from the permissions? How to fix this?
>
> What leads you to that conclusion? If others can reach it, the
> problem is local to the user's network or computer. GIVE THE USER THE
> URL AND HAVE HIM/HER TEST IT. There is *nothing* more you can do
> without that vital step and if your security relies on nobody knowing
> or finding that URL, your security is flawed anyway, so you're not
> losing anything by disclosing it to the user.
>
> --
> I.S.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden