How to add NSExceptionDomains to plist of xcode Version 7.0.1?

Asked 6/10, 2015 at 5:10 Answered 16/10, 2015 at 3:29

I would like to bundle a HTML based website as an iPhone app using Xcode Version 7.0.1, everything works fine and my only issue is that when I test the application on iPhone 4s, it wont show images that are accessed through http. However, I could access images of another website that provide https access to its images.

Is there any way to add http support to the bundle?

Update

I added an NSExceptionDomains to my plist file, but I still have the same issue

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>CFBundleDevelopmentRegion</key>
    <string>English</string>
    <key>CFBundleDisplayName</key>
    <string>My Project</string>
    <key>CFBundleExecutable</key>
    <string>${EXECUTABLE_NAME}</string>
    <key>CFBundleIcons</key>
    <dict/>
    <key>CFBundleIcons~ipad</key>
    <dict/>
    <key>CFBundleIdentifier</key>
    <string>com.myproject.names</string>
    <key>CFBundleInfoDictionaryVersion</key>
    <string>1.0</string>
    <key>CFBundleName</key>
    <string>${PRODUCT_NAME}</string>
    <key>CFBundlePackageType</key>
    <string>APPL</string>
    <key>CFBundleShortVersionString</key>
    <string>1.0.1</string>
    <key>CFBundleSignature</key>
    <string>myproject</string>
    <key>CFBundleVersion</key>
    <string>1.1</string>
    <key>LSRequiresIPhoneOS</key>
    <true/>
    <key>NSAppTransportSecurity</key>
    <dict>
        <key>NSAllowsArbitraryLoads</key>
        <true/>
    </dict>
    <key>UIMainStoryboardFile</key>
    <string>Main_iPhone</string>
    <key>UIMainStoryboardFile~ipad</key>
    <string>Main_iPad</string>
    <key>UIRequiresFullScreen</key>
    <string>YES</string>
    <key>UIStatusBarHidden</key>
    <false/>
    <key>UIStatusBarStyle</key>
    <string>UIStatusBarStyleLightContent</string>
    <key>UISupportedInterfaceOrientations</key>
    <array>
        <string>UIInterfaceOrientationPortrait</string>
    </array>
    <key>UISupportedInterfaceOrientations~ipad</key>
    <array>
        <string>UIInterfaceOrientationPortrait</string>
    </array>
    <key>UIViewControllerBasedStatusBarAppearance</key>
    <false/>
    <key>NSAppTransportSecurity</key>
    <dict>
        <key>NSExceptionDomains</key>
        <dict>
            <key>appanalytics.embarcadero.com</key>
            <dict>
                <key>NSExceptionAllowsInsecureHTTPLoads</key><true/>
            </dict>
        </dict>
    </dict>
</dict>
</plist>

I also tried following based on this question

<dict>
        <key>NSExceptionDomains</key>
        <dict>
            <key>mydomain.com</key>
            <dict>
                <!--Include to allow subdomains-->
                <key>NSIncludesSubdomains</key>
                <true/>
                <!--Include to allow HTTP requests-->
                <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <!--Include to specify minimum TLS version-->
                <key>NSTemporaryExceptionMinimumTLSVersion</key>
                <string>TLSv1.1</string>
            </dict>
        </dict>
    </dict>

Update

I added the code mentioned in here but still have the same issue.

Update

As suggested, I changed the plist to following but still has the same issue. Also, I added http:// to values of key tags to no avail.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>CFBundleDevelopmentRegion</key>
    <string>English</string>
    <key>CFBundleDisplayName</key>
    <string>My Project</string>
    <key>CFBundleExecutable</key>
    <string>${EXECUTABLE_NAME}</string>
    <key>CFBundleIcons</key>
    <dict/>
    <key>CFBundleIcons~ipad</key>
    <dict/>
    <key>CFBundleIdentifier</key>
    <string>com.myproject.names</string>
    <key>CFBundleInfoDictionaryVersion</key>
    <string>1.0</string>
    <key>CFBundleName</key>
    <string>${PRODUCT_NAME}</string>
    <key>CFBundlePackageType</key>
    <string>APPL</string>
    <key>CFBundleShortVersionString</key>
    <string>3.1.6</string>
    <key>CFBundleSignature</key>
    <string>myproject</string>
    <key>CFBundleVersion</key>
    <string>1.2</string>
    <key>LSRequiresIPhoneOS</key>
    <true/>
    <key>UIMainStoryboardFile</key>
    <string>Main_iPhone</string>
    <key>UIMainStoryboardFile~ipad</key>
    <string>Main_iPad</string>
    <key>UIRequiresFullScreen</key>
    <string>YES</string>
    <key>UIStatusBarHidden</key>
    <false/>
    <key>UIStatusBarStyle</key>
    <string>UIStatusBarStyleLightContent</string>
    <key>UISupportedInterfaceOrientations</key>
    <array>
        <string>UIInterfaceOrientationPortrait</string>
    </array>
    <key>UISupportedInterfaceOrientations~ipad</key>
    <array>
        <string>UIInterfaceOrientationPortrait</string>
    </array>
    <key>UIViewControllerBasedStatusBarAppearance</key>
    <false/>
    <key>NSAppTransportSecurity</key>
    <dict>
        <key>NSExceptionDomains</key>
        <dict>
            <key>myproject.com.ca</key>
            <dict>
                <key>NSExceptionAllowsInsecureHTTPLoads</key>
                <true/>
            </dict>
            <key>myproject.com.ca</key>
            <dict>
                <key>NSIncludesSubdomains</key>
                <true/>
                <key>NSExceptionAllowsInsecureHTTPLoads</key>
                <true/>
            </dict>
        </dict>
    </dict>
</dict>
</plist>

Velure answered 6/10, 2015 at 5:10 Comment(1)

please visit : nabla-c0d3.github.io/blog/2015/06/16/ios9-security-privacy – Still 14/10, 2015 at 6:44

Firstly, your Info.plist has two separate NSAppTransportSecurity key-value pairs. You should fix that so there is only the one pair.

Your question doesn’t say what domains your images are loaded from. It would be easier to give a specific answer if you could include this information.

If, for example, your images are loaded from example.com or subdomains, you could add an exception as follows:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>appanalytics.embarcadero.com</key>
        <dict>
            <key>NSExceptionAllowsInsecureHTTPLoads</key>
            <true/>
        </dict>
        <key>example.com</key>
        <dict>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSExceptionAllowsInsecureHTTPLoads</key>
            <true/>
        </dict>
    </dict>
</dict>

If you don’t know in advance what domains the images will be loaded from, then you can instead allows HTTP access to all domains:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
    <key>NSExceptionDomains</key>
    <dict>
        <key>appanalytics.embarcadero.com</key>
        <dict>
            <key>NSExceptionAllowsInsecureHTTPLoads</key>
            <true/>
        </dict>
    </dict>
</dict>

Note that although the inclusion of appanalytics.embarcadero.com in this second example is technically redundant, it is recommended that you specify ATS exceptions for all known domains that your app will access.

Refractory answered 12/10, 2015 at 11:25 Comment(2)

thanks, I know domain of the images and added that as you suggested but did not help, I updated the question. – Velure 14/10, 2015 at 4:54

Looking at your last updated plist—you took my example too literally, as you have included two different entries for myproject.com.ca in NSExceptionDomains. You should have only one entry for each domain, with the exceptions needed for that domain. – Refractory 15/10, 2015 at 16:37

You can read this tutorial on how to configure App Transport Security or you could just allow everything as before by adding Dictionary "NSAppTransportSecurity" with a Boolean key named "NSAllowsArbitraryLoads" with the value "YES" in your info.plist.

Silique answered 15/10, 2015 at 18:27 Comment(0)

Your key name is NSExceptionAllowsInsecureHTTPLoads but it should be NSTemporaryExceptionAllowsInsecureHTTPLoads

Also, did you try to add

<key>NSExceptionRequiresForwardSecrecy</key>
<false/>

to ATS domain's key?
Some domains requires it.

Stilwell answered 16/10, 2015 at 3:29 Comment(0)

Recommended topics

Hot tags