iOS App Transport Security has blocked a cleartext HTTP resource load since it is insecure

問題:
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.

Apple在iOS9之後新增App Transport Security(ATS)的機制,禁止訪問未加密的連線,如果沒有特別排除這個設定,會遇到這個錯誤。

解決方法:
1. 設定排除domain
<key>NSAppTransportSecurity</key>
    <dict>
        <key>NSExceptionDomains</key>
        <dict>
            <key>www.domain.com</key>
            <dict>
                <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
                <true/>
            </dict>
        </dict>
    </dict>

2. 關閉ATS機制,此方法允許訪問ip位址
 <key>NSAppTransportSecurity</key>
    <dict>
        <key>NSAllowsArbitraryLoads</key>
        <true/>
    </dict>


reference:
https://forums.developer.apple.com/thread/6205

https://developer.apple.com/library/prerelease/ios/technotes/App-Transport-Security-Technote/

留言

這個網誌中的熱門文章

Java Servlet MVC web app

JavaMail透過Gmail寄信發生AuthenticationFailedException錯誤