Stack Overflow
Stack Overflow

Questions tagged [nsapptransportsecurity]

This macOS/iOS Info.plist key specifies exceptions to the default strong Internet security in iOS and OS X apps and in app extensions.

NSAppTransportSecurity is a key in an application's Info.plist file that leads to a dictionary value that contains instructions on how to modify an application's HTTP connection security policy.

41 questions
11
votes
6 answers

Cannot load HTTP links in UIWebView in iOS 9

I am trying to load HTTP links within UIWebView. The links are from my website so they are reliable. I have searched the internet and found the solution here: How can I add NSAppTransportSecurity to my info.plist file? After following that solution…
Skywalker
  • 4,984
  • 16
  • 57
  • 122
8
votes
1 answer

CFNetwork internal error: CFNetworkInternal.h:478

My iOS device logs (on simulator and real devices) was filled with a couple dozen lines of the following error spam: CFNetwork internal error…
Mike Lambert
  • 1,976
  • 1
  • 17
  • 31
7
votes
2 answers

iOS 9 ATS - Disable Forward Secrecy for all domains

With ATS enabled in iOS 9 many of my customers are unable to meet the forward secrecy requirement. They can however meet the https and TLS 1.2 requirements. Due to this I would like to relax the forward secrecy requirements whilst keeping the https…
Polar Bear
  • 918
  • 2
  • 7
  • 19
6
votes
1 answer

What is the difference between NSExceptionAllowsInsecureHTTPLoads and NSThirdPartyExceptionAllowsInsecureHTTPLoads?

In iOS 9, I can add keys to my info.plist to disable App Transport Security. There are two keys, NSExceptionAllowsInsecureHTTPLoads and NSThirdPartyExceptionAllowsInsecureHTTPLoads, which are defined as: An optional Boolean value that, when set to…
Simon
  • 25,468
  • 44
  • 152
  • 266
5
votes
2 answers

NSAppTransportSecurity for Exception of 2 domains

Since my domain doesn't have an SSL Certificate atm I use the NSExceptionDomains to allow the domain to load anyway. I use the following code in the Info.plist to allow both the domain and it's subdomains NSAppTransportSecurity
Mr Riksson
  • 560
  • 3
  • 10
  • 29
5
votes
3 answers

App Transport Security, exception domain issue

In an iOS app, I am having troubles with App Transport Security: I have read many post on the net, but for some reason what I set in my Info.plist seems to be ignored. I have tried several possibilities, here is the last one:
Michel
  • 10,303
  • 17
  • 82
  • 179
3
votes
1 answer

How to allow loading png from http via adding NSExceptionDomains in ATS?

in exercise https://github.com/Mairoslav/5networkAndGDC/tree/main/ImageRequest I would like to allow the jpg to be loaded from the web site with "http" scheme by adjusting NSAppTransportSecurity in Info.plist as written below. I do not want to allow…
mairo
  • 155
  • 8
3
votes
1 answer

Allowing NSArbitrary loads in IOS 9

We are an online payments app which allows users to pay to different merchants through credit, debit cards or net banking. Since apple has introduced App Transport Security in IOS 9.0, we are facing issues while loading different bank urls in…
user3090166
  • 41
  • 3
3
votes
4 answers

NSAppTransportSecurity: Not working with correct settings

As many developers out there I get some data from a webserver via http. Since XCOde7/iOS9 I need to mark the used domains as an exception in my apps plist. This worked out for all of my domains except one. Important: It is no solution for me to…
Philipp Otto
  • 4,061
  • 2
  • 32
  • 49
2
votes
1 answer

Included a HTTP (not HTTPS) URL link in my iOS App, do I need to disable App Transport Security?

My iOS app included a privacy policy URL link, when users tap on it, it will open a HTTP (not HTTPS) page of my website in Safari, so do I need to disable App Transport Security for this? NSAppTransportSecurity