How to add NSAppTransportSecurity to Cordova project

问题

I'm working on a ionic cordova project. That application needs to be onfigured App Transport Security Exceptions for iOS 9 version.

Does anyone know how to add below configuration to the cordova project configuration file? (config.xml)

<key>NSAppTransportSecurity</key>
<dict>
  <key>NSAllowsArbitraryLoads</key>
      <true/>
</dict>

Regards,

回答1:

The easiest solution is probably by using a plugin. Take a look at cordova-plugin-transport-security

cordova plugin add cordova-plugin-transport-security --save

You can see in its plugin.xml file how it modifies the plist value.

<platform name="ios">
  <config-file target="*-Info.plist" parent="NSAppTransportSecurity">
      <dict>
          <key>NSAllowsArbitraryLoads</key>
          <true/>
      </dict>
  </config-file>
</platform>

回答2:

Referring to the Whitelist Guide this should be done by adding

<access origin='*' allows-arbitrary-loads-in-media='true' allows-arbitrary-loads-in-web-content='true' allows-local-networking='true' />

to your config.xml.

回答3:

You are able to update properties in your app Info.plist file by using the edit-config tag directly in your config.xml.

This is similar to Connor's answer but allows for more general control of your app's config.

For this particular case you could include the following (replacing ${APP_NAME} with the name of your app, unsurprisingly):

  <edit-config file="${APP_NAME}/${APP_NAME}-Info.plist" target="NSAppTransportSecurity" mode="merge">
    <dict>
      <key>NSAllowsArbitraryLoads</key>
      <false/>
    </dict>
  </edit-config>

回答4:

I have always done this using a Hook script and plistbuddy. So I would place this in the hooks folder, making sure it's set to executable file permissions (755 will do):

    #!/bin/bash

echo "Adjusting plist for App Transport Security exception."
val=$(/usr/libexec/plistbuddy -c "add NSAppTransportSecurity:NSExceptionDomains:DOMAIN_TO_SET_AS_EXCEPTION:NSTemporaryExceptionAllowsInsecureHTTPLoads bool true" platforms/ios/HelloCordova/HelloCordova-Info.plist 2>/dev/null)
echo "Done"

Replace "DOMAIN_TO_SET_AS_EXCEPTION" with your domain e.g. myhost.example.com - I'm not a fan of setting all domains open until you need them so recommend a whitelisting approach.

Then to get this to fire I modify config.xml in the iOS platform section to look like:

    ...
<platform name="ios">
    <hook type="before_build" src="hooks/ios_ats.sh" />
    ...

I wrote a blog post showing this along with a complete example project on Github linked from the post that you can get an appropriate script from.

来源：https://stackoverflow.com/questions/33676673/how-to-add-nsapptransportsecurity-to-cordova-project