iOS 9 … Are WebView(s) exempt from the App Transport Security Exceptions (ATS) rules that block insecure HTTP hosts?

Question

In iOS 9, Apple is blocking insecure HTTP connections for apps, unless specific hosts are whitelisted.

http://ste.vn/2015/06/10/configuring-app-transport-security-io

Answer 1

I have inserted the following in my apps .plist per the Apple Guidance:

NSAppTransportSecurity

     
     NSAllowsArbitraryLoads
     

and when I try to load my webView (from an HTTPS server no less), I get the following error and it doesn't load.

NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9813)

So I it looks like not only are they not exempt, they don't work even if you make the correct addition to the .plist.