6

In iOS 9, I can add keys to my info.plist to disable App Transport Security. There are two keys, NSExceptionAllowsInsecureHTTPLoads and NSThirdPartyExceptionAllowsInsecureHTTPLoads, which are defined as:

An optional Boolean value that, when set to YES, allows insecure HTTP loads. Use this key to describe your app’s intended network behavior for a domain whose security attributes you have control over.

and

A version of the NSExceptionAllowsInsecureHTTPLoads key to be used to configure connections to a domain whose security attributes you don’t control.

What security attributes do they refer to? Why does it matter what my intentions are?

What are the circumstances under which I'd use one of these rather than the other?

Simon
  • 25,468
  • 44
  • 152
  • 266

1 Answers1

1

It looks like the two are identical:

http://www.neglectedpotential.com/2015/06/working-with-apples-application-transport-security/

Amin
  • 26
  • 1
  • 8
    If you post a link as part of your answer, you should copy the relevant portion of the linked content into the body of your post. This keeps answers relevant even if the link goes dead. – Rose Kunkel Jul 13 '16 at 17:37