[[__NSArrayM insertObject:atIndex:]: object cannot be nil] [Cordova-Ios] App crash with SSL pinned active

Question

[[__NSArrayM insertObject:atIndex:]: object cannot be nil] [Cordova-Ios] App crash with SSL pinned active

FranciscoVega2 opened this issue a year ago · comments

Hi, I'm having a problem similar to issue #173, but that one is closed. I hope you can help me, please.

Describe the bug
When I'm trying to make a POST request, my app crashes due to an NSException. This works fine on Android with the same code and .cer file.

System info

affected HTTP plugin version: [3.3.1]
affected platform(s) and version(s): [ iOS 14.2]
affected device(s): [ iPhone 6 plus]
cordova version: [11.1.0]
cordova platform version(s): [ ios 6.3.0, android 10.1.2]

Minimum viable code to reproduce
const options = {
method: 'post',
data: { id: 12, message: 'test' },
headers: { Authorization: 'OAuth2: token' }
};

cordova.plugin.http.sendRequest('https://google.com/', options, function(response) {
// prints 200
console.log(response.status);
}, function(response) {
// prints 403
console.log(response.status);

//prints Permission denied
console.log(response.error);
});

Jose Luis · Answer 1 · Sat May 20 2023 00:55:17 GMT+0800 (China Standard Time)

I have the same problem, it happens to me sometimes not always, when I make a post request the ios app crash, on android it works fine.

I make the request as: http.post()

azureshin · Answer 2 · Tue Jun 06 2023 23:01:12 GMT+0800 (China Standard Time)

me too...
I make the request as: http.post()

azureshin · Answer 3 · Wed Jun 07 2023 09:23:18 GMT+0800 (China Standard Time)

The problem may lie in the "setServerTrustMode" function. If I use the following code, there will be an error.

cordova.plugin.http.setServerTrustMode('pinned', function () {
    cordova.plugin.http.get(url, $.extend(data, obj2), {}, function (response) {
        console.log(response)
    }, function (response) {
        if (response.status != -7) {
            alert(response.error);
        }
    });
}, function () {
    showAlert('err');
});

If I use the following code, it can run normally.

cordova.plugin.http.get(url, $.extend(data, obj2), {}, function (response) {
    console.log(response)
}, function (response) {
    if (response.status != -7) {
        alert(response.error);
    }
});

However, I cannot determine if it's a problem with the certificate path or a plugin issue. I have tried placing the certificate in various paths, but the error still occurs.

azureshin · Answer 4 · Wed Jun 07 2023 11:01:37 GMT+0800 (China Standard Time)

I found the reason, it's an SSL issue.

The server.cer file works on Android but not on iOS.
It's because the server.cer file is not correctly DER encoded.

#84

You can refer to the following link to convert the cer file to DER encoding.