app-transport-security

问题 I've a problem with ATS. I'm using XCode 9.1, my Development Target is 11.0. I'm developing using react-native 0.49 My program is doing a fetch to a https (https://www.xxxx.com) resource which has a valid (google chrome) letsencrypt certificate. The fetch only works, when NSAllowsArbitraryLoads is set to true, when set to false the fetch is blocked (debug out)? I'm doing some tests using a temporary domain (https://xxxx.no-ip.org). This domain also has a valid letsencrypt certificate. In this

问题 TL; DR: I have an iOS app connecting to a webservice that does not meet the minimum requirements for the new ATS feature. I have modified my Info.plist to allow an exception so my app can still connect to the webservice. (NSURLSession/NSURLConnection HTTP load failed on iOS 9 ) This works correctly in development, however, the update I just pushed to the store still fails to hit the webservice. I don't know where the disconnect is happening or how to fix this. === First off, this is all

问题 TL; DR: I have an iOS app connecting to a webservice that does not meet the minimum requirements for the new ATS feature. I have modified my Info.plist to allow an exception so my app can still connect to the webservice. (NSURLSession/NSURLConnection HTTP load failed on iOS 9 ) This works correctly in development, however, the update I just pushed to the store still fails to hit the webservice. I don't know where the disconnect is happening or how to fix this. === First off, this is all

问题 TL; DR: I have an iOS app connecting to a webservice that does not meet the minimum requirements for the new ATS feature. I have modified my Info.plist to allow an exception so my app can still connect to the webservice. (NSURLSession/NSURLConnection HTTP load failed on iOS 9 ) This works correctly in development, however, the update I just pushed to the store still fails to hit the webservice. I don't know where the disconnect is happening or how to fix this. === First off, this is all

问题 I making a new app and want to submit to app store. But at the time of final submission there is check for Export Compliance. What should I Check Yes Or No. I use https url in my app. Please Help Me . Thanks In Advance. 回答1: If you are using https in your application, you will need to answer yes to this question, even if all you are using is built in mechanisms to communicate over https. The good news is that you no longer need to get the Encryption Registration Number (ERN) - the current

问题 I am trying to load content in an In App Browser from my local server ( using httpd plugin ). the web page is coming from a https, while the local server is loading of course a http. I am testing on an Iphone x IOS 12. Using adobe Build Tried: <access origin='*' allows-arbitrary-loads-in-media='true' allows-arbitrary-loads-in-web-content='true' allows-local-networking='true' /> <edit-config target="NSAllowsArbitraryLoads" file="*-Info.plist" mode="merge"> <true /> </edit-config> <plugin name=

问题 I have a WKWebView which will display users' webpages using links gathered online. Sometimes these links are http: which are blocked by ATS . I've tried simply changing the links to https: , which works sometimes. However, very often I get an error "An SSL error has occurred and a secure connection to the server cannot be made". Sometimes the page simply redirects to the http: , which gets blocked again. Other times the https: page is simply "Not found". Removing http: only results in

问题 I cannot disable App Transport Security (ATS) in Xcode 9.2. I have been (for years) disabling ATS when running builds against my local server environment like so: Transport security has blocked a cleartext HTTP <key>NSAppTransportSecurity</key> <dict> <key>NSAllowsArbitraryLoads</key> <true/> </dict> In Xcode 9.2, a simple request (running against a local Rails app in http mode): let session = URLSession(configuration: .default) let url = URL(string: "http://store.dev/api/products.json")! let

问题 Is it safe, in terms of security, to add localhost to ATS NSExceptionDomains for development use? It's not very convenient (and it's easy to forget) to remove those lines from Info.plist file before every commit. <dict> <key>NSExceptionDomains</key> <dict> <key>localhost</key> <dict> <key>NSIncludesSubdomains</key> <true/> <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key> <true/> </dict> </dict> </dict> Additionally, can Apple reject the application because of this? 回答1: You can now do

问题 Under iOS 9, I've used the accepted answer here: Transport security has blocked a cleartext HTTP I added the entries to my Info.plist file under NSAppTransportSecurity . My app seems to be functioning properly, as well as executing all of the requests for which I've accounted for. I am still receiving the error: App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file. My problem is