Application Transport Security ?

Apple Recommended

Replies

How to fix this error in Xcode 7 beta 5 ? pls help me

Opting out of ATS for me only works on the devices - iPad2, iPhone 4s...

The simulator still refuses to load the app!


objC - Xcode beta4 - deployment target 8.4

for me worked fine, in an iphone 6+ and also in iphone6 simulator with iOS 8.4

Does anyone know about the real-world implications on existing apps?


For example: I have an app in the app store, compiled agains iOS 8 SDK making massive use of localy stored http (not https) and javascript content. Will my app/webview break and fail to load as soon as users upgrade to iOS 9?


If so, this will be a desaster, regarding the uncountable number of apps with WebViews on the app store. I can't imagine they will all break?


Edit: Nevermind, just found the answer:

"Apps built against earlier SDKs will behave as they always have."

https://forums.developer.apple.com/message/40668#40668

I'm trying to run an app in the Watch, using XCode beta 4.

I already added the ATS keys in the plist to shut down ATS functionality. Once I did that, I'm still getting the error:


Optional(Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSErrorFailingURLStringKey=https://hostURL, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSErrorFailingURLKey=https://hostURL, _kCFStreamErrorCodeKey=-9801, _kCFStreamErrorDomainKey=3, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made.})

Any ideas if this is already fixed in Watch OS 2, or will it be available for the Watch?


Thanks in advance.

Not working for me in Beta 5 for "localhost", and neither in Beta 6

Edit: Nevermind, just found the answer:

"Apps built against earlier SDKs will behave as they always have."


Hi Auco


I don't think this is true though? My app's deployment target is set to 5.1.1, but my app fails on my iOS 9 device.

It's not the deployment target that matters, but rather that you're compiling against the iOS 9 SDK.

The keys are not correct. The correct ones are:


NSRequiresCertificateTransparency

NSTemporaryExceptionRequiresForwardSecrecy

NSTemporaryThirdPartyExceptionAllowsInsecureHTTPLoads

NSTemporaryThirdPartyExceptionMinimumTLSVersion

NSTemporaryThirdPartyExceptionRequiresForwardSecrecy


See:

http://ste.vn/2015/06/10/configuring-app-transport-security-ios-9-osx-10-11/

So if my app still crashes while im building against the latest sdk(ios 9.0) what other options are there to fix this issue?

Does anyone know if this problem can afflict also iAd? Because also iAd does not work anymore with Xcode 7 and I think the problem is the same (ATS). But disabling ATS as suggested here does not work.

Help please

I went out and bought a cert.

How to i add this in info,plist?


  1. <key>NSAppTransportSecurity</key>
  2. <dict>
  3. <key>NSAllowsArbitraryLoads</key><true/>
  4. </dict>

thanks!