iOS 9 … Are WebView(s) exempt from the App Transport Security Exceptions (ATS) rules that block insecure HTTP hosts?

Question

In iOS 9, Apple is blocking insecure HTTP connections for apps, unless specific hosts are whitelisted.

http://ste.vn/2015/06/10/configuring-app-transport-security-io

Answer 1

If your app (a third-party web browser, for instance) needs to load arbitrary content, Apple provides a way to disable ATS altogether, but I suspect it’s wise for you to use this capability sparingly:

NSAppTransportSecurity
    
        
        NSAllowsArbitraryLoads