Colleagues
Came across something strange when testing an upgraded Xcode 7.1 with Swift 2.1 for webviews.
Updated the plist.info to reflect the required settings (note some of the previous names for keys have changed!!):
NSAppTransportSecurity (key now auto updates to App Transport Security Settings)
NSAllowsArbitraryLoads (key now auto updates to Allow Arbitrary Loads)
NSExceptionDomains (key now auto updates to Exception Domains)
<domain name>
NSExceptionAllowsInsecureHTTPLoads
NSIncludesSubdomains
Testing this on iPhone simulator under iOS 8 works fine. Now with iOS 9.1 simulator and on a device the webload fails with the following error reported:
Error Domain=NSURLErrorDomain Code=-1022 "The resource could not be loaded because the App Transport Security policy requires the use of a secure connection."
Checked the App Transport Security Technote to see if there is anything else changed. The release notes for Xcode 7.1 does not shed any light on ATS (note this document still uses the previous name for all keys and has not been updated to refelct changes introduced in Xcode 7.1).
App builds for iOS 9.1 appear to ignore or overwrite the plist settings.
a) Has anyone else discovered this anomaly?
b) Is this a bug or the strong signal from Apple that all Apps must now link only to HTTPS websites?
Any thoughts or suggestions welcome. Thanks.