I have tried all the methods of here for solving the problem of: "Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file."
But if I try for example adding this in my plist file:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>www.myserver.com</key>
<dict>
<!--Include to allow subdomains-->
<key>NSIncludesSubdomains</key>
<true/>
<!--Include to allow HTTP requests-->
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<!--Include to specify minimum TLS version-->
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
</dict>
</dict>
</dict>
I get an error:"Unsupported URL", where in this case my link, looks like this:
let url:NSURL = NSURL(string: "www.myserver.com/jsonsignup.php")
But if I would use:
let url:NSURL = NSURL(string: "http://www.myserver.com/jsonsignup.php")
I would get the same error of Transport Security as mentioned above.
Any help?
I had the same issue. I tried adding it to info.plist but it did not work for me either. So I tried this and it worked.
Click on your project name in the "Project Navigator" then click on info. And add it there. See highlighted.
Before I tried selecting the plist from my project navigator under supporting files and for some reason it did not work. The above should work for you.
Note: This will allow all connections.
Are you using http://request ? then add following code in your .plist file.
<key>NSAppTransportSecurity</key>
<dict>
<!--Include to allow all connections (DANGER)-->
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
I hope it's work for you.
Related
i'm from official find fetch only support https, but now, i use Mock data, the url is http, official said if support http must change info.plist, add NSAppTransportSecurity and NSAllowsArbitraryLoads, below the image:
i add App Transport Security Settings and children row Allow Arbitrary Loads,
the request http not support! please ask how to resolve support Mock http request in react-native ? Thanks!
i use Mock is Alibaba "Rap" Mock address, it's only support Mock http request!
Info.plist will take effect after recompiling your app.
Probably you need to recompile your app by rerun react-native run-ios or rerun from Xcode.
You should not use NSAllowsArbitraryLoads must be set to false.
Instead you should add an exception to your domain.
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>yourserver.com</key>
<dict>
<!--Include to allow subdomains-->
<key>NSIncludesSubdomains</key>
<true/>
<!--Include to allow HTTP requests-->
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
<!--Include to specify minimum TLS version-->
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
</dict>
</dict>
</dict>
Right now you are exposing your device to vunerabilities.
Checkout this post
I am trying to configure App Transport security, but I am always getting a response from Security Scan that it is not properly configured. I am using Appcelerator SDK 7.0.1 for iOS.
Scan result:
App Transport Security
App Transport Security (ATS), which is a networking security feature that ensures network connections employ the most secure protocols and ciphers, was found to be misconfigured.
NSAllowsArbitraryLoads set YES
This is a part of my tiapp.xml
<property name="ios.whitelist.appcelerator.com" type="bool">false</property>
<ios>
<enable-launch-screen-storyboard>true</enable-launch-screen-storyboard>
<use-app-thinning>true</use-app-thinning>
<plist>
<dict>
<key>UISupportedInterfaceOrientations~iphone</key>
<array>
<string>UIInterfaceOrientationPortrait</string>
</array>
<key>UISupportedInterfaceOrientations~ipad</key>
<array>
<string>UIInterfaceOrientationPortrait</string>
<string>UIInterfaceOrientationPortraitUpsideDown</string>
</array>
<key>UIRequiresPersistentWiFi</key>
<false/>
<key>UIPrerenderedIcon</key>
<false/>
<key>UIStatusBarHidden</key>
<false/>
<key>UIStatusBarStyle</key>
<string>UIStatusBarStyleDefault</string>
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
</dict>
</plist>
</ios>
It is done as specified in documentation:
http://docs.appcelerator.com/platform/latest/#!/api/Titanium.Network
What am I doing wrong? Thanks in advance for help.
Setting NSAllowsArbitraryLoads to true disables ATS, meaning that all URL's will be allowed and no restriction is configured. This is how it is configured by default in Titanium, to ensure backwards compatibility for apps upgrading to newer SDK versions. It can be overridden to either specify allowed domains (whitelisting) or by disabling NSAllowsArbitraryLoads.
The docs are still incorrect as Nirman pointed, so I just updated them (as I couldn't find the pull request mentioned earlier).
We need to set NSAllowsArbitraryLoads key to NO to enable ATS and get rid of the security warning.
I think the documentation is wrong. I have submitted a CR on github to update the doc page.
in my info.plist under property NSAppTransportSecurity I added a set of domains with which my app communicates. But for some reasons my settings works only for some of added domains, not for all but I don't know why. I would be very helpful for any idea. Thanks in advance.
For example now it works for domain googleapis.com but not for imeteo.sk, imeteo.cz or any subdomain ( http://m.imeteo.cz )
Here is snippet of my info.plist
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowExceptionDomains</key>
<dict>
<key>imeteo.cz</key>
<dict>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
<key>NSIncludesSubdomains</key>
<true/>
</dict>
<key>imeteo.sk</key>
<dict>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
<key>NSIncludesSubdomains</key>
<true/>
</dict>
<key>googleapis.com</key>
<dict>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
<key>NSIncludesSubdomains</key>
<true/>
</dict>
</dict>
</dict>
After trying to load some of this domains or subdomains in webview I'm getting this :
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.
Try to replace NSExceptionAllowsInsecureHTTPLoads and NSExceptionMinimumTLSVersion with NSTemporaryExceptionAllowsInsecureHTTPLoads and NSTemporaryExceptionMinimumTLSVersion as is told in:
http://www.neglectedpotential.com/2015/06/working-with-apples-application-transport-security/
Also, I'm using NSExceptionDomains instead of NSAllowExceptionDomains.
This question already has answers here:
App Transport Security and IP addresses in iOS9
(4 answers)
Closed 7 years ago.
I am using following code in my plist to add my server exception to App Transport Security protocol.
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>172.16.4.139</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSExceptionRequiresForwardSecrecy</key>
<true/>
<key>NSExceptionMinimumTLSVersion</key>
<string>TLSv1.2</string>
<key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<false/>
<key>NSThirdPartyExceptionMinimumTLSVersion</key>
<string>TLSv1.2</string>
<key>NSRequiresCertificateTransparency</key>
<false/>
</dict>
</dict>
</dict>
but it is giving message "The resource could not be loaded because the App Transport Security policy requires the use of a secure connection.".
What i am doing wrong?
Hard-coded IP address wont work in iOS 9.
Check this answer.
I am trying to create a Finder context menu item using a service (as described here: Writing a Snow Leopard Service for Finder.app )
However, I wish to add a context menu entry for folders only.
Whenever I put the following code in my .plist file:
<key>NSServices</key>
<array>
<dict>
<key>NSMenuItem</key>
<dict>
<key>default</key>
<string>Service Handling Demo</string>
</dict>
<key>NSMessage</key>
<string>handleServices</string> <!-- This specifies the selector -->
<key>NSPortName</key>
<string>Tmp</string> <!-- This is the name of the app -->
<key>NSSendTypes</key>
<array>
<string>NSFilenamesPboardType</string>
</array>
</dict>
</array>
Everything works fine, I can select my service in the Services tab (keyborad shourtcuts) and run it.
However, if I try to use the service for folders:
<key>NSServices</key>
<array>
<dict>
<key>NSMenuItem</key>
<dict>
<key>default</key>
<string>Service Handling Demo</string>
</dict>
<key>NSMessage</key>
<string>handleServices</string> <!-- This specifies the selector -->
<key>NSPortName</key>
<string>Tmp</string> <!-- This is the name of the app -->
<key>NSSendFileTypes</key>
<array>
<string>public.directory</string>
</array>
<key>NSSendTypes</key>
<array>
<string>NSStringPboardType</string>
</array>
</dict>
</array>
The service does not appear in the keyboard shortcuts' menu and of course is not visible in finder...
What am I missing?
Add the following code to the .plist:
<key>NSServices</key>
<array>
<dict>
<key>NSMenuItem</key>
<dict>
<key>default</key>
<string>Folder Handling Demo</string>
</dict>
<key>NSMessage</key>
<string>handleServices</string> <!-- This specifies the selector -->
<key>NSPortName</key>
<string>Tmp</string> <!-- This is the name of the app -->
<!-- Here we're limiting where the service will appear. -->
<key>NSRequiredContext</key>
<dict>
<key>NSTextContent</key>
<string>FilePath</string>
</dict>
<!-- This service is only really useful from the Finder. So
we want the finder only to send us the URI "public.directory"
which *will* include packages (on the off-chance you want to
see the full package directory name) -->
<key>NSSendFileTypes</key>
<array>
<!-- Check out "System-Declared Uniform Type Identifiers"
in the Apple documentation for the various UTI types.
In this example, all we want is a directory, which is
a super-type to other types (e.g. public.folder) -->
<string>public.folder</string>
</array>
</dict>
And the service will appear under "Files and Folders" group in the services list (keyboard shortcuts tab).