Re: App Transport Security exceptions App Store signed app
Re: App Transport Security exceptions App Store signed app
- Subject: Re: App Transport Security exceptions App Store signed app
- From: Sixten Otto <email@hidden>
- Date: Wed, 27 Jan 2016 08:53:25 -0700
On Tue, Jan 26, 2016 at 11:18 PM, Jens Alfke <email@hidden> wrote:
> I believe you’re using the wrong key. If you need non-SSL connections to
> work, the key you want is NSAllowsArbitraryLoads. The key you’re using is
> for situations where you make an SSL connection but the SSL server doesn’t
> meet ATS’s security requirements — e.g. its certificate is self-signed or
> expired.
>
According the docs, it's also for the case where the connection needs to be
made over non-S HTTP: "With this key’s value set to YES
<https://developer.apple.com/library/ios/documentation/Cocoa/Reference/ObjCRuntimeRef/index.html#//apple_ref/doc/c_ref/YES>,
your app can make secure connections to a secure server but can also
connect insecurely to a server with no certificate, or a self-signed,
expired, or hostname-mismatched certificate." (
https://developer.apple.com/library/ios/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html
)
Which you might want to do if you have an app where you really don't want
to allow connections to absolutely anything (which NSAllowsArbitraryLoads
does), but there's a specific, known host/domain that you need that doesn't
support TLS.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden