Open rolfbjarne opened 2 years ago
@rolfbjarne While this gets fixed, how can we test apps connecting to local services with self-signed certs?
@mandel-macaque do you know the answer to ^?
While this gets fixed, how can we test apps connecting to local services with self-signed certs?
Import the certificate to keychain and mark it as trusted I guess.
Can someone elaborate on the workaround for this? As it seems this just got pushed to .NET 8?
I was able to get around this by Updating my iOS Build settings Linker behavior to "Dont Link"
ServerCertificateCustomValidationCallback
is being implemented in #15117. We haven't had time to look at the other members yet.
We haven't had time to look at the other members yet.
Proxy / UseProxy is required for apps running on restricted government mobile devices, as the MDM forces the proxy on every allowed devices, and the default .net behavior is to force the use of no proxy (ie: it ignores the system wide proxy set on mobile device).
Even if this isn't immediately merged. Maybe it would be nice to early return some no-op actions?
I had to hunt down a bug today in an iOS app where a class that used HTTP crashed. The weird thing was that the HTTP code itself was definitely not using proxies at all. It said so right at the start where it initialised the HttpClientHandler
:
HttpClientHandler hch = new()
{
Proxy = null,
UseProxy = false
};
In retrospect this was pretty funny. On iOS proxying is not supported, but not proxying is not supported either. It only works if you use the defaults, which, of course, do not proxy. The unnecessary lines were in shared code originally written for .NET Core 1 in 2017 and removing them made it work. In fact it turned out that the entire constructor of that class could be replaced by instead initialising the HttpClient
member with = new()
. All the work we did there was initialising values, apparently necessary in .NET Core 1, which have since become auto-initialised defaults.
As @softlion has mentioned above, this is a critical feature for enterprise level apps as they are locked away behind a corporate network and proxy enforced via MDM. What is the workaround and if its coming to MAUI soon?
@rolfbjarneis there any official workaround?
As @softlion has mentioned above, this is a critical feature for enterprise level apps as they are locked away behind a corporate network and proxy enforced via MDM. What is the workaround and if its coming to MAUI soon?
It used to work on Xamarin in 2018 or 2017 on IOS devices, as I released an app for a MDM controlled environment forcing the proxy on iPhone (I still had to manually set the Proxy value from the system wide proxy value). Thus my warning above. Not addressing this issue is making lots of deciders silently turn their back on Xamarin/maui. Hobbyists won't complain though.
@softlion @rolfbjarne @filipnavara I am using a proxy for ios in the following way: Refer to this discussion 86364
var configuration = NSUrlSessionConfiguration.DefaultSessionConfiguration;
var dictionary = new NSDictionary(
new NSString("HTTPEnable"), 1,
new NSString("HTTPProxy"), ProxyServer,
new NSString("HTTPPort"), ProxyPort,
new NSString("HTTPSEnable"), 1,
new NSString("HTTPSProxy"), ProxyServer,
new NSString("HTTPSPort"), ProxyPort);
configuration.ConnectionProxyDictionary = dictionary;
var handler = NSUrlSessionHandler(configuration);
var httpClient = new HttpClient (handler);
Using this method, I have been able to send requests through the proxy server. Do you think this method is okay? Will there be any impact when the proxy setting of NSUrlSessionHandler is not supported?
We have numerous NSUrlSessionHandler properties that throw PlatformNotSupportedException, and which we could/should implement properly:
https://github.com/xamarin/xamarin-macios/blob/0924eb4ef11f509e48a132c22ec1ad8fdc7be3c1/src/Foundation/NSUrlSessionHandler.cs#L532-L675
Ref: https://github.com/xamarin/xamarin-macios/issues/13579 Proxy support is also tracked here: #18635.