Whats the best way to make this a more secure and less obvious security risk?
NSString *loginIdentification = [NSString stringWithFormat:@"user=%@&pass=%@&", userNameLogin, passWordLogin];
addressVariable = [NSString stringWithFormat:@"%@/%@", url, loginIdentification];
addressVariable = [addressVariable stringByAddingPercentEscapesUsingE开发者_StackOverflow社区ncoding: NSUTF8StringEncoding];
NSURLResponse* response = nil;
NSError* error = nil;
NSData* data = [NSURLConnection sendSynchronousRequest:request returningResponse:&response error:&error];
Make sure you're using an https
connection and not an http
connection.
Instead of putting the sensitive information in the URL (via GET), use the POST method and put them in the body. That way, they won't show up in your server logs.
精彩评论