NSURL Response Status Meaning

Hi,

I'm fairly new to swift 3 but have done a couple practice apps where I'm going to web pages and pulling data. I started to make a new app but this time when I get the data back it is blank. If I look at the the task response [print(response)] I get the following:


Optional(<NSHTTPURLResponse: 0x61000002e6a0> { URL: https url goes here } { status code: 404, headers {"Strict-Transport-Security" = "max-age=86400";

} })


It seems there is an issue with the security of it being a HTTPS. I have the info.plist settings as:


App Transport Security Settings

Execption Domains

detroit.craigslist.org

NSIncludesSubdomains [Boolean - YES]

NSTemporaryExceptionAllowsInsecureHTTPSLoads [Boolean - YES]

Allow Arbitrary Loads [Boolean - NO]



My question is what can I do to resolve this error so I may pull data from the server? Thanks.




Here is my code:


let group = DispatchGroup()

group.enter()

if let url = URL(string: https url goes here)

let request = NSMutableURLRequest(url: url)

let task = URLSession.shared.dataTask(with: request as URLRequest) {

data, response, error in

if error != nil {

print("error")

} else {

if let unwrappedData = data {

let dataString = NSString(data: unwrappedData, encoding: String.Encoding.utf8.rawValue)

print(dataString)

}

}

group.leave()

}

task.resume()

}

Replies

The server is using HSTS, a reinforced security


"HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that is specified by a web application through the use of a special response header. Once a supported browser receives this header that browser will prevent any communications from being sent over HTTP to the specified domain and will instead send all communications over HTTPS"


It seems (search result) that you can call HSTS sites, but I've not found examples on how to do it with Swift App.


May be the RFC will give you some hints ?

h ttps://tools.ietf.org/html/rfc6797


I found this :

8.3. URI Loading and Port Mapping

there are requirements on port in the URL: (point 5)

The UA MUST replace the URI scheme with "https" [RFC2818], and

if the URI contains an explicit port component of "80", then

the UA MUST convert the port component to be "443", or

if the URI contains an explicit port component that is not

equal to "80", the port component value MUST be preserved;

otherwise,

if the URI does not contain an explicit port component, the UA

MUST NOT add one.


That could explain why it works in browser (which does what is required from UA) and not yet from your code.

I tried the craiglist url, and I received a security warning: i would need to accet to access.

Server Error 404

Claude31 already posted a lot of helpful info. In addition to that I recommend you read Debugging HTTP Server-Side Errors, which describes my general process for investigating issues like this.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"