I'm upgrading an iOS app to iOS 9, and I have some URLs that are not secure, and I need a few exceptions to App Transport Security. I've added the two that I know about, but there are some warnings happening now stating:
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.
I need to know what URLs are being blocked so I can add them to the Info.plist, they're probably images or media files. How can I make the system log the URLs it decided not to load?
file that specifies the domains with which it needs secure communication. ATS prevents accidental disclosure, provides secure default behavior, and is easy to adopt. You should adopt ATS as soon as possible, regardless of whether you're creating a new app or updating an existing one.
App Transport Security (ATS) is a privacy feature introduced in iOS 9. It's enabled by default for new apps and enforces secure connections.
Editor Note: @jessedc points out in the comments below the link to the official Apple documentation on how to do this: https://developer.apple.com/library/content/qa/qa1887/_index.html
Okay, I have an answer I don't like! I still very much want a better one.
In my application:didFinishLaunchingWithOptions:
method I added the line
setenv("CFNETWORK_DIAGNOSTICS", "3", 1);
When I ran the app then, in the log I can find an entry that looks like this:
2015-07-02 15:27:56.152 MyApp[45041:9125662] CFNetwork diagnostics log file created at: /Users/micah.hainline/Library/Developer/CoreSimulator/Devices/ 11BCA581-5F5F-494D-932A-2ECFCA33EA93/data/Containers/Data/Application/ 9ACC6941-8039-4B86-B5E8-A6C66E2AD520/Library/Logs/CrashReporter/CFNetwork_com .myapp.MyApp_45041.nwlrb.log
When I open that file I have a huge number of log entries about everything that's happened on the network. I search for kCFErrorDomainCFNetwork
in that file and get logs for failed network requests. I can use that to see what URLs the system was trying to hit, and then can add that URL to the exceptions for App Transport Security.
Accepted answer is correct but If you're doing this on Xamarin iOS, you will need to use;
Environment.SetEnvironmentVariable("CFNETWORK_DIAGNOSTICS", "3", EnvironmentVariableTarget.Process);
Also, if you're looking for the log file use something like Simulator manager to find the correct location easier (https://github.com/tue-savvy/SimulatorManager).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With