Re: Questions on when credentials are used in NSURLSessionDownloadTask
Re: Questions on when credentials are used in NSURLSessionDownloadTask
- Subject: Re: Questions on when credentials are used in NSURLSessionDownloadTask
- From: Jens Alfke <email@hidden>
- Date: Sat, 18 Apr 2015 22:14:06 -0700
On Apr 18, 2015, at 7:36 PM, Daryle Walker < email@hidden> wrote:
I don’t really get what these protection spaces are, and my tool’s model should have the username & password be applicable to any URL submitted, and therefore any potential protection space.
A stored credential is associated with a specific URL or domain or whatever — a protection space — to keep its sensitive data from being leaked to unrelated sites. Will I get into problems if I keep the callback as above?
It should be fine, although it seems suspect to have a username/password and blindly try to send them to every HTTP server you encounter. Generally you don’t want to send a password to another party except when you’re fairly sure it’s the party that owns the account.
—Jens |
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden