NSURLConnection Return Cached Response Even After Resetting Authorization Heder

Question

So this is the use case.

Application Run, Authorization Header is set to nil. You get fresh data.

[_request setValue:nil forHTTPHeaderField:@"Authorization"];
User login, After that all the requests to server are send with Authorization Header like this.

[_request setValue:[NSString stringWithFormat:@"TRUEREST username=%@&session_token=%@&apikey=1234567890",@"username",@"session_token"] forHTTPHeaderField:@"Authorization"];
Now I log out and now every request goes with Authorization Header nil value.

[_request setValue:nil forHTTPHeaderField:@"Authorization"];

But I am still getting response as if I am logged in user? Any idea what's the issue?

Request to the server is made using as follows

[NSURLConnection sendAsynchronousRequest:_request
                                           queue:[NSOperationQueue mainQueue]
                               completionHandler:^(NSURLResponse *response, NSData *data, NSError *error) {}];

I have tried to make NSMutableURLRequest in following 2 ways.

    _request = [NSMutableURLRequest requestWithURL:url];

    _request = [[NSMutableURLRequest alloc] initWithURL:url
                                                                cachePolicy:NSURLRequestReloadRevalidatingCacheData
                                                            timeoutInterval:60];

CouchDeveloper CouchDeveloper · Accepted Answer · 2013-07-18T07:54:18

You might disable the use of cookies before you use the request:

[_request setHTTPShouldHandleCookies:NO];

Alternatively, delete any cookie - or the relevant cookie - form the NSHTTPCookieStorage singleton.

However, you could greatly improve your code using NSURLConnection implementing the delegate connection:willSendRequestForAuthenticationChallenge: where you are able to fully customize authentication handling.

NSURLConnection Return Cached Response Even After Resetting Authorization Heder

2 Answers