Hook additional NSURLconnection methods
nabla-c0d3 opened this issue · 1 comments
nabla-c0d3 commented
All the iOS Apps with certificate pinning that I found were using initWithRequest:delegate: and initWithRequest:delegate:startImmediately:.
However, other methods can be used to connect to a server:
- connectionWithRequest:delegate:
- sendSynchronousRequest:returningResponse:error:
- sendAsynchronousRequest:queue:completionHandler:
Those methods should be patched as well in order to disable certificate validation.
nabla-c0d3 commented
There is no documented way to implement certificate pinning within sendSynchronousRequest:returningResponse:error: and sendAsynchronousRequest:queue:completionHandler:
Therefore, there's no need to hook those methods. Closing this issue.