• Register
Welcome to Kodlogs, programming questions and answer website.
+1 vote
21 views

Problem :

I am troubled by below mentioned strange looking app transport security error
app transport security has blocked a cleartext http (http://) resource load since it is insecure.
by (6.9k points)  
reopened by

1 Answer

+1 vote
 
Best answer

Solution :

This was tested on iOS 9 GM seed. This is the configuration to allow a specific domain to use HTTP instead of HTTPS:

<key>NSAppTransportSecurity</key>
<dict>
      <key>NSAllowsArbitraryLoads</key> 
      <false/>
       <key>NSExceptionDomains</key>
       <dict>
            <key>example.com</key> <!--Include your domain at this line -->
            <dict>
                <key>NSIncludesSubdomains</key>
                <true/>
                <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <key>NSTemporaryExceptionMinimumTLSVersion</key>
                <string>TLSv1.1</string>
            </dict>
       </dict>
</dict>

Note : NSAllowsArbitraryLoads must be false.

As it disallows all insecure connection but the exceptions list allows connection to some domains without HTTPS.

by (36.1k points)  
selected by
...