
App Transport Security and IP addresses in iOS9

Tags:

ios9

I develop my iOS app using a local server running on my dev box. When testing on devices, I connect directly via an IP address, which is over HTTP and not HTTPS (so I don't have to deal with self-signed certs while in development, which the device wouldn't even like anyways).

I thought that this would be sufficient:

enter image description here

However, cannot get it to work without also adding NSAllowsArbitraryLoads = YES, AKA this:

enter image description here

Now, I will have to remember to remove this when rolling a production build but not during development...arg. Should the NSExceptionDomains work with IP addresses, and if not, is there anything else I can do without also enabling NSAllowsArbitraryLoads?

like image 920
esilver asked Jun 17 '15 23:06

4 Answers

Hard-coded IP addresses won't work in iOS9. I also faced the same issue. Tried all permutations & combinations of available solutions. Finally, had to use a proper domain name.

So, NO. In iOS9 you just can't get away with hard-coded IP addresses.

like image 190
PanxShaz answered Oct 04 '22 05:10


is there anything else I can do without also enabling NSAllowsArbitraryLoads?

One workaround is to use xip.io, as explained by QJeffR in this Apple Developer Forums thread (which was shared by David L in his comment):

A DNS call to (for example) 10.0.1.8.xip.io will resolve to 10.0.1.8, allowing use of the domain instead of the IP address for the NSExceptionDomains key.

like image 35
TachyonVortex answered Oct 04 '22 05:10


As @PanxShaz said, you can't put a hardcoded IP address, but you can use an easy workaround:

  1. Open your /etc/hosts file using sudo and add a new local domain name for your IP address. Example:

    192.168.99.100 docker-host.localhost

  2. Then flush your DNS:

    dscacheutil -flushcache

  3. And finally use this new local domain in your app transport security exceptions.

like image 41
anasaitali answered Oct 04 '22 06:10


If you are targeting iOS 10+, just set the NSAllowsLocalNetworking flag.

like image 24
Herman Kan answered Oct 04 '22 05:10
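
The question's concern about forgetting to remove NSAllowsArbitraryLoads before a production build can be checked mechanically. The following is an added example, not code from any of the posts above: a Python check over an Info.plist that flags the global opt-out, IP-literal exception keys, and per-domain plain-HTTP exceptions. The names `audit_ats`, `is_ip_literal` and `SAMPLE_PLIST`, and the sample plist itself, are constructed for illustration.

```python
import ipaddress
import plistlib

# Constructed sample Info.plist (not from the original post): a development
# configuration mixing the global opt-out, an IP-literal exception and the
# hosts-file domain from the answer above.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>NSAppTransportSecurity</key>
  <dict>
    <key>NSAllowsArbitraryLoads</key><true/>
    <key>NSExceptionDomains</key>
    <dict>
      <key>192.168.99.100</key>
      <dict><key>NSExceptionAllowsInsecureHTTPLoads</key><true/></dict>
      <key>docker-host.localhost</key>
      <dict><key>NSExceptionAllowsInsecureHTTPLoads</key><true/></dict>
    </dict>
  </dict>
</dict></plist>"""


def is_ip_literal(name):
    try:
        ipaddress.ip_address(name)
        return True
    except ValueError:
        return False


def audit_ats(plist_bytes, release=True):
    """Return a list of (severity, message) findings for the ATS dictionary."""
    ats = plistlib.loads(plist_bytes).get("NSAppTransportSecurity", {})
    findings = []
    if ats.get("NSAllowsArbitraryLoads") is True:
        findings.append(("error" if release else "warn",
                         "NSAllowsArbitraryLoads disables ATS for every host"))
    for domain, opts in ats.get("NSExceptionDomains", {}).items():
        # Per the answers on this page, IP-literal keys are not honoured on iOS 9.
        if is_ip_literal(domain):
            findings.append(("warn", f"{domain}: IP-literal exception key; use a domain name"))
        elif opts.get("NSExceptionAllowsInsecureHTTPLoads") is True:
            findings.append(("error" if release else "info",
                             f"{domain}: plain HTTP allowed"))
    return findings

if __name__ == "__main__":
    for severity, message in audit_ats(SAMPLE_PLIST):
        print(f"{severity}: {message}")
```

Run with `release=True` against the plist that ships in a release configuration and fail the build on any `error` finding; with `release=False` the same settings are reported at lower severity for development builds.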