We are building sdk which is used by apps. in our sdk we use both http and https for different purposes. From this year’s app wwdc conference, it’s said that all apps need to switch to ATS by the end of 2016 for it to be able to pass app submission process. I want to ask if app will be rejected because of our sdk which uses http? In other words, do we need to change our sdk to not use http by the end of 2016?
Thanks,
Yi
I want to ask if app will be rejected because of our sdk which uses http?
That depends. App Review will require that apps with ATS exceptions provide “reasonable justification” for those exceptions. As to what’s “reasonable”, ultimately it’s App Review’s call but it’s hard to offer any insight without knowing more about what your SDK does.
My App Transport Security pinned post provides links to documentation that provides some insight into this.
In other words, do we need to change our sdk to not use http by the end of 2016?
You should aim to switch to ATS-compliant HTTPS as soon as possible. That’s the easiest way to avoid this entire issue.
Frankly, you should have started this process last year, when ATS was first introduced )-:
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"