Clear the credentials from UIWebView

Asked 31/8, 2011 at 12:19 Answered 21/2, 2014 at 16:19

Solved iphone uiwebview nsurlconnection nsurlcredential

What i am doing here is, fetching a URL which has authentication. Hence, i use the function

  - (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge;

When it faces authentication, i present a UIAlertView to enter the username and password and if user has entered it correctly, this method is called.

  - (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response;

in this method, i make the login window disappear and bring in the detail view.

Problem arose, when i wanted a logout functionality. All i want is to remove the credentials entered by the user and fetch that URL again, for authentication= purpose. So, i call the didReceiveAuthenticationChallenge.

But what happens is it directly goes to the didReceiveResponse method without asking anything. The problem here is that i am not able to clear the credentials. Can you help me in doing this?

Thanks a lot in advance!

Heidt answered 31/8, 2011 at 12:19 Comment(1)

I ran into this same problem with a web view. Thanks for asking this question!! – Quarterly 21/2, 2014 at 16:14

Try Code for Clear cookie of Request

NSHTTPCookie *cookie;
NSHTTPCookieStorage *storage = [NSHTTPCookieStorage sharedHTTPCookieStorage];
for (cookie in [storage cookies])
{
    NSString* domainName = [cookie domain];
    NSRange domainRange = [domainName rangeOfString:@"twitter"];
    if(domainRange.length > 0)
    {
        [storage deleteCookie:cookie];
    }
}

Dhole answered 1/9, 2011 at 9:29 Comment(1)

Thanks! Totally worked. In my case I wasn't looking for URLs associated with a certain string, though. I wanted to nuke all the cookies so I did the second line followed by a simple for loop: answer with code below. – Quarterly 21/2, 2014 at 16:16

I know this is an old question, but I have the answer here:

It turns out that cookies aren't the only way that UIWebView stores data. There's also this persistent thing called NSURLCredentialStorage and the only way to clear it is thus:

NSLog(@"Logging out...");

// Clear credential storage
NSURLCredentialStorage *credentialStorage = [NSURLCredentialStorage sharedCredentialStorage];
NSDictionary *credentialProtectionSpaces = [credentialStorage allCredentials];

for (NSURLProtectionSpace *protectionSpace in credentialProtectionSpaces)
{
    NSDictionary *credentials = [credentialStorage credentialsForProtectionSpace:protectionSpace];
    for (NSString * username in credentials)
    {
        [credentialStorage removeCredential:[credentials objectForKey:username] forProtectionSpace:protectionSpace];
        NSLog(@"clearing: %@", username);
    }
}

NSLog(@"checking...");

credentialStorage = [NSURLCredentialStorage sharedCredentialStorage];
credentialProtectionSpaces = [credentialStorage allCredentials];
for (NSURLProtectionSpace *protectionSpace in credentialProtectionSpaces)
{
    NSDictionary *credentials = [credentialStorage credentialsForProtectionSpace:protectionSpace];
    for (NSString * username in credentials)
    {
        [credentialStorage removeCredential:[credentials objectForKey:username] forProtectionSpace:protectionSpace];
        NSLog(@"checking: %@", username);
    }
}

You''ll find that the usernames show the first time, but don't show when checking the second time through the same loop. They've been deleted from the NSURLProtectionSpaces.

-Sean

Schoenfelder answered 9/8, 2013 at 9:46 Comment(1)

How would this be done in Swift? for protectionSpace: NSURLProtectionSpace in credentialProtectionSpaces { gives the error "(NSURLProtectionSpace, [String : NSURLCredential])' (aka '(NSURLProtectionSpace, Dictionary<String, NSURLCredential>)') is not convertible to 'NSURLProtectionSpace" – Akela 27/2, 2016 at 20:53

Great question, and in my case I couldn't figure out why we couldn't log out of a web view.

I used some code from the first answer, but wanted to delete all the cookies in the whole thing rather than just ones associated with a certain string or URL. Here's what I did:

NSHTTPCookieStorage *cookieJar = [NSHTTPCookieStorage sharedHTTPCookieStorage];

for (NSHTTPCookie *cookie in [cookieJar cookies]) {
    [[NSHTTPCookieStorage sharedHTTPCookieStorage] deleteCookie:cookie];
}

And this worked! Now when you logout it goes back to the original login screen every time.

Quarterly answered 21/2, 2014 at 16:19 Comment(1)

Is there a way to do this via Javascript? I have a web app (Rails/devise/omniauth-facebook) and cannot remove credentials from the UIWebView. I asked this with more details in here: #37687630 – Libna 7/6, 2016 at 19:4

Recommended topics

Hot tags