• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: App Transport Security exceptions App Store signed app
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: App Transport Security exceptions App Store signed app

  • Subject: Re: App Transport Security exceptions App Store signed app
  • From: Sixten Otto <email@hidden>
  • Date: Wed, 27 Jan 2016 12:21:59 -0700
On Wed, Jan 27, 2016 at 10:29 AM, Jens Alfke <email@hidden> wrote:

> I believe that text refers to an *SSL* server "with no certificate, or a
> self-signed, expired, or hostname-mismatched certificate”. There is a
> _separate_ key that allows non-SSL connections.
>

Reading over the rest of the page, I'm fairly certain that's not the case.
Here are a couple of other bits:

Set this key’s value to YES
> <https://developer.apple.com/library/ios/documentation/Cocoa/Reference/ObjCRuntimeRef/index.html#//apple_ref/doc/c_ref/YES>,
> if needed, to:
>
>    - Enable connection to an insecure HTTP server
>    - Enable connection to an untrusted HTTPS server
>    - Enable connection to an HTTPS server for which you want to perform
>    your own server trust evaluation
>
> For example, setting the value of a named server’s
> NSExceptionAllowsInsecureHTTPLoads key to YES
> <https://developer.apple.com/library/ios/documentation/Cocoa/Reference/ObjCRuntimeRef/index.html#//apple_ref/doc/c_ref/YES> allows
> insecure HTTP connections to that server.


To use ATS generally but allow connection to a specific server that does
> not support the HTTPS protocol—for example, a media server that your app
> uses—employ the following configuration pattern in your Info.plist file: *[snip
> example using **NSExceptionAllowsInsecureHTTPLoads]*


The only other exception keys that control HTTPS behavior are
NSExceptionRequiresForwardSecrecy and NSExceptionMinimumTLSVersion, neither
of which seems to fit the role you're talking about.
_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >App Transport Security exceptions App Store signed app (From: Trygve Inda <email@hidden>)
 >Re: App Transport Security exceptions App Store signed app (From: Jens Alfke <email@hidden>)
 >Re: App Transport Security exceptions App Store signed app (From: Sixten Otto <email@hidden>)
 >Re: App Transport Security exceptions App Store signed app (From: Jens Alfke <email@hidden>)

  • Prev by Date: Re: Obj-C - your thoughts on hiding data members?
  • Next by Date: Re: Obj-C - your thoughts on hiding data members?
  • Previous by thread: Re: App Transport Security exceptions App Store signed app
  • Next by thread: Re: App Transport Security exceptions App Store signed app
  • Index(es):
    • Date
    • Thread