iOS9 does not load insecure resources from a secure page (SSL/HTTPS)

Question

I am trying to load a page into UIWebView on iOS9 using https:// URL. The page loaded includes CSS and images from an insecure server.

E.g. the page loaded:

Answer 1

App Transport Security revised in iOS9 release. Now onwards your application is safe from un secure connection. And iOS forces to make secure connection. This can be conflict in your case.

From Apple documentation

If your app needs to make a request to an insecure domain, you have to specify this domain in your app's Info.plist file

So I think this can make an issue while loading .css file for web pages.

So give a try specify your domain in info.plist and check that .css files are loaded or not.

Edit:

---

Spotlight: You need to add more keys here in info.plist.

Look at this key NSThirdPartyExceptionAllowsInsecureHTTPLoads this allows a service domain which is not controlled by developer and add an exception to Transport layer to by pass insecure resources.

The structure for adding keys for App Transport Security is below:

For more details and explanation about all keys check this note - App Transport Security Technote