I am trying to get my app to connect to an http server at 152.111.198.244 through the Apple Transport Security. And nothing I'm trying works.
Adding the NSAllowsArbitraryLoads key to the info.plist file of my project still did not allow my app to connect to this specific ip address 152.111.198.244 I have gone through the technote on Apple Transport Security. I installed OSX 10.11 to try and find what settings might work for the URL using
nscurl --ats-diagnostics http://152.111.198.244
and
nscurl --ats-diagnostics http://152.111.198.244/publications/
in the terminal. All settings that nscurl tries fail. I have looked at similar questions NSAllowsArbitraryLoads not working and NSExceptionAllowsInsecureHTTPLoads not working for ip addresses and have not found the solution. I also looked here and the NSExceptionMinimumTLSVersion key proposed there doesn't work.
I am starting to think that there may be a bug somewhere, or something that I missed. Are IP addresses an issue with Apple Transport Security? Why? Is there way to make an IP address work through ATS?
UPDATE: I added in the specific ip address that is giving me trouble. Hopefully someone will be able to replicate what I'm talking about.
UPDATE: I logged this as a bug in radar and I got a message that says it's a duplicate. In the meantime, the IP address mentioned in this question has a domain name now http://3d.media24.com/ but unfortunately it has not solved the problem.
UPDATE: I marked an answer as correct. It seems that apple fixed this with XCode7.1 and that the keys for Apple Transport Security have changed a bit. The site in question has also been updated for https connections.
I was able to access that URL, http://152.111.198.244, using ‘Allow Arbitrary Loads’ in my Info.plist under Xcode 7.1 and Simulator 9.1:
- App Transport Security Settings: Dictionary
- Allow Arbitrary Loads: Boolean = YES
Screenshot:
I used the following code:
let url = NSURL(string: "http://152.111.198.244")!
let task = NSURLSession.sharedSession().dataTaskWithURL(url) {(data, response, error) -> Void in
print("response \(response!)")
}
task.resume()
Here is the response that I received:
response <NSHTTPURLResponse: 0x7fe1a2421f80> { URL: http://152.111.198.244/auth/login } { status code: 200, headers {
"Cache-Control" = "no-cache";
Connection = "Keep-Alive";
"Content-Encoding" = gzip;
"Content-Length" = 1138;
"Content-Type" = "text/html; charset=UTF-8";
Date = "Fri, 23 Oct 2015 09:33:59 GMT";
"Keep-Alive" = "timeout=5, max=98";
Server = "Apache/2.4.7 (Ubuntu)";
"Set-Cookie" = "XSRF-TOKEN=eyJpdiI6IldBOWYxcDk3SEtMekJ3YTNSUm9mYUE9PSIsInZhbHVlIjoiTFBcL3RGWW10cjlONFFkeXY1ZDA4SWRkSURIYlFsOGE3QkFEV3hRNTVwRFJuWSt5SXN3OU55Sng4elduMHd1T1duV0VFQ1o4dDVjeDJTZGRFeXJxMjN3PT0iLCJtYWMiOiJiZjNmOTg0NTZmY2RkMGQzNmE2YWEyNjJiNzA1MDlmZjIwM2M3NWYyNjYwZjM5N2Q3ZTgxNjRjNzAzMGYzYmMzIn0%3D; expires=Fri, 23-Oct-2015 11:33:59 GMT; Max-Age=7200; path=/, laravel_session=eyJpdiI6InR5OSs3cmpObVRBbFhORnVJQjRvWFE9PSIsInZhbHVlIjoiSTJ2bk41RVVLZUR1a0xKbFwvalZXQWpsNEtWeHppUVpYVUlRM1ZjQXc5aDJxT1wvXC9uYkViaTQ0SCtGNTMrdmtiQXFOd0VJTFwvM0ZCbmFHZk5MWlwvZ3BBUT09IiwibWFjIjoiYjRmNzcxY2Q5NDFlZjYzZTI1YzU2YzI0YTkxM2M0NDg0MGY2YThiODIxOGZjOTgxYjNmM2FlZTkzZGMyZTdjOCJ9; expires=Fri, 23-Oct-2015 11:33:59 GMT; Max-Age=7200; path=/; httponly";
Vary = "Accept-Encoding";
"X-Powered-By" = "PHP/5.5.9-1ubuntu4.11";
} }
I was also able to connect using the named domain 3d.media24.com but not the numeric address of 152.111.198.244 using exception domains.
Screenshot:
My results agree with the definition for exception domains in the Apple Technote on App Transport Security:
A dictionary of exceptions for the named domain. The name of the key is the name of the domain–for example, www.apple.com.
Some helpful fields can be added below App Transport Security Settings:
NSIncludesSubdomains
NSExceptionAllowInsecureHTTPLoads
NSExceptionRequiresForwardSecrecy
NSExceptionMinimumTLSVersion
NSThirdPartyExceptionAllowsInsecureHTTPLoads
NSThirdPartyExceptionMinimumTLSVersion
NSThirdPartyExceptionRequiresForwardSecrecy
Visit https://github.com/ChenYilong/iOS9AdaptationTips#1-demo1_ios9%E7%BD%91%E7%BB%9C%E9%80%82%E9%85%8D_ats%E6%94%B9%E7%94%A8%E6%9B%B4%E5%AE%89%E5%85%A8%E7%9A%84https for more usage.
Hope helpful for you!
来源:https://stackoverflow.com/questions/33034645/nsallowsarbitraryloads-not-working-for-ip-address