Changes in NSAppTransportSecurity dictionary post 2016

We have an app that is integrated with a mediation network. We end up showing ads through AdMob, Facebook Audience Network and some other ad networks. Due to the recent changes announced by Apple in the ATS configuration, I have a question. The Mediation network SDK has disabled ATS using the key NSAllowsArbitraryLoads : Boolean in the app's info.plist file. This is because the mediation network has certain non-secure connections that can't be excluded via exceptions. For example, when an app user clicks on the ad which has an external HTTP link to the advertiser's website. So ATS is disabled.


I want to know if the app will be rejected post December 2016 because ATS is disabled.

Up vote post of VMAX Down vote post of VMAX
369 views
Posted by
VMAX
Reply
Add a Comment

Replies

To start, let’s be clear that there are two parts to any ATS question:

  • how to make things work technically

  • App Review policy

From a technical perspective, 

NSAllowsArbitraryLoads
is really heavy hammer, disabling ATS for all your requests made by all subsystems within your process. I encourage you to look at the requests actually being made by your app and try to reduce the scope of your ATS exceptions.

From an App Review perspective, I don’t work for App Review and can’t give definitive answers on their behalf. My App Transport Security pinned post has references to the information that App Review has published about this policy change.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment