App Transport Security has blocked a cleartext HTTP resource

问题

I am using Socket.IO library in swift and I keep getting this error:

App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.

when I am trying to send an http request. I added the keys to plist according to the official apple documentation, but it did not help.

回答1:

You need to correct it like this:

To make it easier, this is the correct xml in the info.plist

<key>NSAppTransportSecurity</key>
    <dict>
        <key>NSExceptionDomains</key>
        <dict>
            <key>localhost</key>
            <dict>
                <key>NSIncludesSubdomains</key>
                <true/>
                <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <key>NSTemporaryExceptionMinimumTLSVersion</key>
                <string>TLSv1.1</string>
            </dict>
        </dict>
    </dict>

change the localhost to your actual server

Check the table for NSAppTransportSecurity options

If you want to all communications with any domain, you can do this:

 <key>NSAppTransportSecurity</key>
    <dict>
        <key>NSAllowsArbitraryLoads</key>
        <true/>
    </dict>

However, you should use the latest just in the developing phase.

回答2:

Another way to solve this, which I found more convenient, is to disable App Transport Security by default using the NSAllowsArbitraryLoads key. So any domains you do not include in the NSExceptionDomains dictionary (or if you don't include NSExceptionDomains at all) will not be subject to App Transport Security.

回答3:

I see a wrong key and a typo in your screenshot. Here is a working example:

回答4:

Xcode project -> go to info.plist and Click + Button then Add (App Transport Security Settings)Expand, Allow Arbitrary Loads Set YES. Thanks

回答5:

I'm working in xCode 8.2. It's a little different, but editing the PLIST file you need to add this two Items in the App Transport Security Settings Line... :

Allow Arbitrary Loads and Allow Arbitrary Loads in Web Content... and give them both the key YES.

It worked for me, hope this work for you and sorry for my English.

回答6:

@William Kinaan has the best answer, but it would seem to make best sense to be sure to add the NSAllowsArbitraryLoads underneath the exception domain "localhost" ... and not at the higher NSTransportSecurity level which opens that up to all domains.

来源：https://stackoverflow.com/questions/32761042/app-transport-security-has-blocked-a-cleartext-http-resource