Menu
My iOS app (written in Swift and React Native) has a custom url scheme that allows me to route to the app from e.g. Safari like this myappscheme://https://www.mywebsite.com/somematerial. If I enable App Transport Security in my app, the routing via custom url scheme is blocked and I get this message:
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.
However, if I disable ATS, the app routes as expected. I am not accessing any link via http in my app and in my routing I always fetch data via https. Therefore, I don't know why ATS is blocking this routing. Do you know if I have to provide some additional info about my url scheme?
Please see my ATS configurations in Info.plist:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoadsInWebContent</key>
<true/>
<key>NSExceptionDomains</key>
<dict>
<key>localhost</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
</dict>
</dict>
</dict>
I've also whitelisted my custom url scheme:
<key>LSApplicationQueriesSchemes</key>
<array>
<string>myappscheme</string>
</array>
861
This issue has been resolved. I logged out the endpoint I was hitting and checked if it satisfied ATS requirements by doing in Terminal:
nscurl --ats-diagnostics https://www.example.com/
It turned out that the particular subdomain I was trying to fetch failed all ATS requirements. My server team has fixed the issue and made the endpoint secure.
184
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With