You should look at the NSURLComponents API, which lets you build a URL from its component parts. It will take care of the nightmare that is URL quoting. For example:
import Foundation
let uc = NSURLComponents()
uc.scheme = "http"
uc.host = "query.yahooapis.com"
uc.path = "/v1/public/yql"
uc.queryItems = [
NSURLQueryItem(name: "q", value: "select * from yahoo.finance.quote where symbol in (\"AAPL\")"),
NSURLQueryItem(name: "format", value: "json"),
NSURLQueryItem(name: "env", value: "http://datatables.org/alltables.env")
]
print(uc.URL!.absoluteString)
This prints:
http://query.yahooapis.com/v1/public/yql?q=select%20*%20from%20yahoo.finance.quote%20where%20symbol%20in%20(%22AAPL%22)&format=json&env=http://datatables.org/alltables.env
You can shrink the code by starting with a known, good, no-quoting-required URL string:
import Foundation
let uc = NSURLComponents(string: "http://query.yahooapis.com/v1/public/yql")!
uc.queryItems = … continue as above …
In related, what must I do re the Apple Transport policy to make this secure?
That really depends on the service provider; you’ll have to ask them if they vend the service via HTTPS. If they don’t, accessing the service securely is going to be a challenge. The only reasonable secure option is for you to create your own front end to the service that supports HTTPS. Your app can then talk to your front end securely using HTTPS, which can then talk to the original service via HTTP, making sure to not pass along any identifying information.
The insecure alternatively is to add an ATS exception dictionary to your app.
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>query.yahooapis.com</key>
<dict>
<key>NSAppTransportSecurity</key>
<true/>
</dict>
</dict>
</dict>
WARNING This won’t make your networking secure, it’ll just stop ATS complaining about its insecurity.
Share and Enjoy
—
Quinn "The Eskimo!"
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"