App Transport Security Xcode 7 Beta 6

App Transport Security Xcode 7 beta 6

I, too, had trouble overriding App Transport Security after upgrading to xCode 7.0, and tried the same kinds of solutions you have to no avail. After walking away from it for awhile, I noticed that I had made the changes to the Info.plist under Supporting Files of "MyAppName Tests" rather than the one in the project itself. The Supporting Files folder in my project wasn't expanded, so I hadn't even noticed the Info.plist in it.

Typical amateur mistake, I'm sure, but they're only a couple of lines apart in the Project Navigator and it had me frustrated until I noticed the distinction. Thought I'd mention it in case you're having the same problem.

The resource could not be loaded because the App Transport Security policy requires the use of a secure connection

I have solved it with adding some key in info.plist.
The steps I followed are:

  1. Opened my Project target's info.plist file

  2. Added a Key called NSAppTransportSecurity as a Dictionary.

  3. Added a Subkey called NSAllowsArbitraryLoads as Boolean and set its value to YES as like following image.

Sample Image

Clean the Project and Now Everything is Running fine as like before.

Ref Link: https://stackoverflow.com/a/32609970

EDIT:
OR In source code of info.plist file we can add that:

<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
<key>NSExceptionDomains</key>
<dict>
<key>yourdomain.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
</dict>
</dict>

How do I load an HTTP URL with App Transport Security enabled in iOS 9?]

See Apple’s Info.plist reference for full details (thanks @gnasher729).

You can add exceptions for specific domains in your Info.plist:

<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>testdomain.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSExceptionRequiresForwardSecrecy</key>
<true/>
<key>NSExceptionMinimumTLSVersion</key>
<string>TLSv1.2</string>
<key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
<false/>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<true/>
<key>NSThirdPartyExceptionMinimumTLSVersion</key>
<string>TLSv1.2</string>
<key>NSRequiresCertificateTransparency</key>
<false/>
</dict>
</dict>
</dict>

All the keys for each excepted domain are optional. The speaker did not elaborate on any of the keys, but I think they’re all reasonably obvious.

(Source: WWDC 2015 session 703, “Privacy and Your App”, 30:18)

You can also ignore all app transport security restrictions with a single key, if your app has a good reason to do so:

<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>

If your app does not have a good reason, you may risk rejection:

Setting NSAllowsArbitraryLoads to true will allow it to work, but Apple was very clear in that they intend to reject apps who use this flag without a specific reason. The main reason to use NSAllowsArbitraryLoads I can think of would be user created content (link sharing, custom web browser, etc). And in this case, Apple still expects you to include exceptions that enforce the ATS for the URLs you are in control of.

If you do need access to specific URLs that are not served over TLS 1.2, you need to write specific exceptions for those domains, not use NSAllowsArbitraryLoads set to yes. You can find more info in the NSURLSesssion WWDC session.

Please be careful in sharing the NSAllowsArbitraryLoads solution. It is not the recommended fix from Apple.

— kcharwood (thanks @marco-tolman)

App Transport Security policy error after setting Arbitrary Loads to YES

This structure is wrong:

    <key>NSExceptionDomains</key>
<dict>
<key>The domain</key>
<dict>
<key>**my domain here**</key>
<dict/>
</dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
</dict>

It should be:

    <key>NSExceptionDomains</key>
<dict>
<key>The domain</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
</dict>
</dict>

_BSMachError XCode 7 Beta

Although this problem seems to persist as a bug and will likely be fixed, it stems from the new App Transport Security that has been implemented in iOS 9.

If your application pulls data from a web server, in order to populate the View Controller that you will be presenting, you can resolve these errors by verifying/granting access to the particular site(s) you're pulling from.

In order to address this you will add the following to your App's .plist file:

  • You may want to alter your ATS Exception Dictionary to fit your needs

    <key>NSAppTransportSecurity</key>
    <dict>
    <key>NSExceptionDomains</key>
    <dict>
    <key>testdomain.com</key>
    <dict>
    <key>NSIncludesSubdomains</key>
    <false/>
    <key>NSExceptionAllowsInsecureHTTPLoads</key>
    <false/>
    <key>NSExceptionRequiresForwardSecrecy</key>
    <true/>
    <key>NSExceptionMinimumTLSVersion</key>
    <string>TLSv1.2</string>
    <key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
    <false/>
    <key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
    <true/>
    <key>NSThirdPartyExceptionMinimumTLSVersion</key>
    <string>TLSv1.2</string>
    <key>NSRequiresCertificateTransparency</key>
    <false/>
    </dict>
    </dict>
    </dict>

More details to this solution can be found here or here
The Apple Documentation for App Transport Security is worth reading too.

App Transport Security: configuring info.plist throws an error in React Native

Yeah, usually after you modify a project in XCode, you should do Product-> Clean.

Xcode 7 beta 6 stuck on copying Pkginfo

Working with betas is a little bit hard and sometimes strange things happen, like this one.

When something suddenly stops working you should try a restart for your Mac and for your IPhone especially when it works on simulator but on phone not.

This must be your first solution when things like this happen.



Related Topics



Leave a reply



Submit