NSURLSession 防护

NSURLSessionConfiguration里面的connectionProxyDictionary清空

#import "NSURLSession+Proxy.h"
#import <objc/runtime.h>
/// 判断是正式环境还是测试环境, YES:可以抓包, NO:限制抓包
NSString *const PROXY_ENVIRONMENTKEY = @"PROXY_ENVIRONMENTKEY";

@implementation NSURLSession (Proxy)

+ (void)load {
  static dispatch_once_t onceToken;
  dispatch_once(&onceToken, ^{
      NSNumber *enviroment = [[NSUserDefaults standardUserDefaults] objectForKey:PROXY_ENVIRONMENTKEY];
#if defined(DEBUG_ENV) || defined(RELEASE_ENV)
      enviroment = @(YES);
#endif
      //小程序不限制抓包
      NSString *bundleId = [[[NSBundle mainBundle] infoDictionary] objectForKey:@"CFBundleIdentifier"];;
      //NO 限制抓包,则走方法交换
      if (![enviroment boolValue]) {
          [self swizzlingMethods];
      }
    
  });
}

+ (void)swizzlingMethods {
    Method method1 = class_getClassMethod([NSURLSession class],@selector(sessionWithConfiguration:));
    Method method2 = class_getClassMethod([NSURLSession class],@selector(Proxy_sessionWithConfiguration:));
    method_exchangeImplementations(method1, method2);

    Method method3 = class_getClassMethod([NSURLSession class],@selector(sessionWithConfiguration:delegate:delegateQueue:));
    Method method4 = class_getClassMethod([NSURLSession class],@selector(Proxy_sessionWithConfiguration:delegate:delegateQueue:));
    method_exchangeImplementations(method3, method4);

}

+ (NSURLSession *)Proxy_sessionWithConfiguration:(NSURLSessionConfiguration *)configuration
                                           delegate:(nullable id)delegate
                                      delegateQueue:(nullable NSOperationQueue*)queue {
    if(configuration) configuration.connectionProxyDictionary = @{};
    return [self Proxy_sessionWithConfiguration:configuration
                                          delegate:delegate
                                     delegateQueue:queue];
}

+ (NSURLSession *)Proxy_sessionWithConfiguration:(NSURLSessionConfiguration *)configuration {
    if(configuration) configuration.connectionProxyDictionary = @{};
    return [self Proxy_sessionWithConfiguration:configuration];
    
}
@end

代理检测

// 获取网络配置中的代理信息
NSDictionary *proxySettings = (__bridge NSDictionary *)(CFNetworkCopySystemProxySettings());
NSDictionary *httpProxy = proxySettings[(__bridge NSString *)kCFNetworkProxiesHTTPProxy];
NSNumber *httpPort = proxySettings[(__bridge NSString *)kCFNetworkProxiesHTTPPort];

客户端认证(SSL Pinning

代码参考AFNetworking

证书绑定(Certificate Pinning

AFSSLPinningModeCertificate

公钥绑定(Public Key Pinning

AFSSLPinningModePublicKey