Re: App Transport Security exceptions App Store signed app
Re: App Transport Security exceptions App Store signed app
- Subject: Re: App Transport Security exceptions App Store signed app
- From: Jens Alfke <email@hidden>
- Date: Wed, 27 Jan 2016 09:29:02 -0800
> On Jan 27, 2016, at 7:53 AM, Sixten Otto <email@hidden> wrote:
>
> According the docs, it's also for the case where the connection needs to be
> made over non-S HTTP: "With this key’s value set to YES
> <https://developer.apple.com/library/ios/documentation/Cocoa/Reference/ObjCRuntimeRef/index.html#//apple_ref/doc/c_ref/YES <https://developer.apple.com/library/ios/documentation/Cocoa/Reference/ObjCRuntimeRef/index.html#//apple_ref/doc/c_ref/YES>>,
> your app can make secure connections to a secure server but can also
> connect insecurely to a server with no certificate, or a self-signed,
> expired, or hostname-mismatched certificate." (
> https://developer.apple.com/library/ios/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html <https://developer.apple.com/library/ios/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html>
> )
I believe that text refers to an *SSL* server "with no certificate, or a self-signed, expired, or hostname-mismatched certificate”. There is a _separate_ key that allows non-SSL connections.
—Jens
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden