The resource could not be loaded because the App Transport Security policy requires the use of a secure connection
I have solved it with adding some key in info.plist.
The steps I followed are:
Opened my Project target's
info.plist
fileAdded a Key called
NSAppTransportSecurity
as aDictionary
.Added a Subkey called
NSAllowsArbitraryLoads
asBoolean
and set its value toYES
as like following image.
Clean the Project and Now Everything is Running fine as like before.
Ref Link: https://stackoverflow.com/a/32609970
EDIT:
OR In source code of info.plist
file we can add that:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
<key>NSExceptionDomains</key>
<dict>
<key>yourdomain.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
</dict>
</dict>
Transport security has blocked a cleartext HTTP
If you are using Xcode 8.0+ and Swift 2.2+ or even Objective C:
If you want to allow HTTP connections to any site, you can use this keys:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
If you know which domains you will connect to add:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>example.com</key>
<dict>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSIncludesSubdomains</key>
<true/>
</dict>
</dict>
</dict>
Disable App Transport Security in Xcode 9.2?
I didn't originally put it together, but I think what is happening is that with iOS 11, Apple is supporting HSTS. I believe that support for HSTS preload lists, in combination with Google recently adding the .dev TLD to the HSTS preload list, is likely causing iOS to try to force you to use https, which is failing (I missed that you are trying to use a .dev local domain for testing, which is really the key element here).
I think your only solution is to change your local testing domain to something other than a .dev domain. If you do that, you should be able to connect, and it won't try to force you to https on your local dev environment.
In short, Google has gotten rights to the .dev top level domain, and recently added it to the HSTS preload list to force all communication with .dev domains to be secure. On devices that support HSTS preload lists, this causes all traffic to redirect through HTTPS, which will cause errors on servers that don't support HTTPS.
How do I load an HTTP URL with App Transport Security enabled in iOS 9?]
See Apple’s Info.plist reference for full details (thanks @gnasher729).
You can add exceptions for specific domains in your Info.plist:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>testdomain.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSExceptionRequiresForwardSecrecy</key>
<true/>
<key>NSExceptionMinimumTLSVersion</key>
<string>TLSv1.2</string>
<key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
<false/>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<true/>
<key>NSThirdPartyExceptionMinimumTLSVersion</key>
<string>TLSv1.2</string>
<key>NSRequiresCertificateTransparency</key>
<false/>
</dict>
</dict>
</dict>
All the keys for each excepted domain are optional. The speaker did not elaborate on any of the keys, but I think they’re all reasonably obvious.
(Source: WWDC 2015 session 703, “Privacy and Your App”, 30:18)
You can also ignore all app transport security restrictions with a single key, if your app has a good reason to do so:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
If your app does not have a good reason, you may risk rejection:
Setting NSAllowsArbitraryLoads to true will allow it to work, but Apple was very clear in that they intend to reject apps who use this flag without a specific reason. The main reason to use NSAllowsArbitraryLoads I can think of would be user created content (link sharing, custom web browser, etc). And in this case, Apple still expects you to include exceptions that enforce the ATS for the URLs you are in control of.
If you do need access to specific URLs that are not served over TLS 1.2, you need to write specific exceptions for those domains, not use NSAllowsArbitraryLoads set to yes. You can find more info in the NSURLSesssion WWDC session.
Please be careful in sharing the NSAllowsArbitraryLoads solution. It is not the recommended fix from Apple.
— kcharwood (thanks @marco-tolman)
air 19 & iOs 9 App Transport Security
you are correct. You have to add these lines to your app's descriptor:
<InfoAdditions>
<![CDATA[
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>yourapiurl.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
</dict>
</dict>
</dict>
]]>
</InfoAdditions>
This basically says you want to allow non-secure urls to be called within your app. iOS9 newly requests HTTPS for all api calls.
Full article here: http://htmlspank.tumblr.com/post/130674234457/ioerror-2032-ios9-adobe-air-and-ats
Related Topics
How to Change Height of Uitableviewcell Real-Time
How Do iOS Push Notifications Work
Pod Install Displaying Error in Cocoapods Version 1.0.0.Beta.1
Module Was Not Compiled for Testing' When Using @Testable
Uitableviewcell with Uiwebview Dynamic Height
A Launch Storyboard or Xib Must Be Provided Unless the App Requires Full Screen
iOS Floating Video Window Like Youtube App
How to Import Private Framework Headers in a Swift Framework
Any Way to Install App to iPhone 4 with Xcode 8 Beta
Tableview Rounded Corners and Shadow
Variable Used Before Being Initialized in Function
How to Use Charles Proxy on the Xcode 6 (iOS 8) Simulator
Get Input Value from Textfield in iOS Alert in Swift
iOS 8.1 Simulator Localization Broken (Nslocalizedstring)
Where Are iOS Simulator Screenshots Stored
Ios: Change the Height of Uisegmentedcontrol
Using Global Variables in Objective-C
How to Expand Uicollectionview Contentsize When Paging Enable