• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: App Transport Security exceptions App Store signed app
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: App Transport Security exceptions App Store signed app


  • Subject: Re: App Transport Security exceptions App Store signed app
  • From: Jens Alfke <email@hidden>
  • Date: Tue, 26 Jan 2016 22:18:45 -0800

> On Jan 26, 2016, at 9:55 PM, Trygve Inda <email@hidden> wrote:
>
> NSTemporaryExceptionAllowsInsecureHTTPLoads

The “Temporary” in those names was only needed for the first iOS 9 beta. It might still be supported, but the official names do not have Temporary in them. See the official docs at
	https://developer.apple.com/library/prerelease/ios/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW33

> Calls to http on my domain (xericdesign.com <http://xericdesign.com/>) work. Calls via http to my
> other domain (earthdeskcloudhost02.com <http://earthdeskcloudhost02.com/>) do not work.

I believe you’re using the wrong key. If you need non-SSL connections to work, the key you want is NSAllowsArbitraryLoads. The key you’re using is for situations where you make an SSL connection but the SSL server doesn’t meet ATS’s security requirements — e.g. its certificate is self-signed or expired.

Another useful article to read is
	http://lithium3141.com/blog/2015/08/21/shipping-an-app-with-app-transport-security/

Also, have you looked into setting up HTTPS on those servers instead of working around its absence? Part of the reason Apple added ATS was to nudge app developers to make their network connections more secure, which will benefit users.

—Jens
_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden


  • Follow-Ups:
    • Re: App Transport Security exceptions App Store signed app
      • From: Sean McBride <email@hidden>
    • Re: App Transport Security exceptions App Store signed app
      • From: Sixten Otto <email@hidden>
    • Re: App Transport Security exceptions App Store signed app
      • From: Trygve Inda <email@hidden>
References: 
 >App Transport Security exceptions App Store signed app (From: Trygve Inda <email@hidden>)

  • Prev by Date: Re: App Transport Security exceptions App Store signed app
  • Next by Date: Re: LGPL code in the Mac App Store?
  • Previous by thread: Re: App Transport Security exceptions App Store signed app
  • Next by thread: Re: App Transport Security exceptions App Store signed app
  • Index(es):
    • Date
    • Thread