Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

NSAppTransportSecurity for Exception of 2 domains

Tags:

swift

info.plist

nsapptransportsecurity

Since my domain doesn't have an SSL Certificate atm I use the NSExceptionDomains to allow the domain to load anyway.

I use the following code in the Info.plist to allow both the domain and it's subdomains

<key>NSAppTransportSecurity</key>
    <dict>
        <key>NSExceptionDomains</key>
        <dict>
            <key>infever.com</key>
            <dict>
                <key>NSIncludesSubdomains</key>
                <true/>
                <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
                <true/>
            </dict>
        </dict>
    </dict>

However, I'd like to pass through 2 domains this time since some parts of the app is from a different domain.

I tried just adding another key like this:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>infever.com</key>
        <key>gentsgroup.com</key>
        <dict>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
            <true/>
        </dict>
    </dict>
</dict>

But that didn't work. What would be the proper way of doing it?

like image 997
Mr Riksson Avatar asked Aug 22 '16 17:08

Mr Riksson

People also ask

What is Nsallowsarbitraryloads?

A Boolean value indicating whether App Transport Security restrictions are disabled for all network connections.

What is NSExceptionDomains?

Custom App Transport Security configurations for named domains.

How do I install NSExceptionDomains?

Adding a domain exception is easy. You add the NSExceptionDomains key to the NSAppTransportSecurity dictionary of the target's Info. plist. The value of the key is a dictionary with every key of the dictionary being a domain exception.

2 Answers

<dict>
    <key>yourFirstDomain.com</key>
    <dict>
        <key>NSExceptionAllowsInsecureHTTPLoads</key>
        <true/>
        <key>NSExceptionMinimumTLSVersion</key>
        <string>TLSv1.2</string>
        <key>NSExceptionRequiresForwardSecrecy</key>
        <true/>
        <key>NSIncludesSubdomains</key>
        <true/>
        <key>NSRequiresCertificateTransparency</key>
        <false/>
        <key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
        <false/>
        <key>NSThirdPartyExceptionMinimumTLSVersion</key>
        <string>TLSv1.2</string>
        <key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
        <true/>
    </dict>
    <key>yourSecondDomain.com</key>
    <dict>
        <key>NSExceptionAllowsInsecureHTTPLoads</key>
        <true/>
        <key>NSExceptionMinimumTLSVersion</key>
        <string>TLSv1.2</string>
        <key>NSExceptionRequiresForwardSecrecy</key>
        <true/>
        <key>NSIncludesSubdomains</key>
        <true/>
        <key>NSRequiresCertificateTransparency</key>
        <false/>
        <key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
        <false/>
        <key>NSThirdPartyExceptionMinimumTLSVersion</key>
        <string>TLSv1.2</string>
        <key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
        <true/>
    </dict>
</dict>

just copy this dictionary under your NSAppTransportSecurity and replace yourFirstDomain.com with you first domain and yourSecondDomain.com with your second domain

like image 56
Er. Khatri Avatar answered Nov 04 '22 02:11

Er. Khatri

Try this. This is for Per-Domain Exceptions only so seperating them might work. Otherwise you can completely disable ATS (look at the 2nd set of code)

Mutiple Domains (Seperate Dict's)

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>infever.com</key>
        <dict>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
            <true/>
        </dict>
    </dict>
    <dict>
        <key>gentsgroup.com</key>
        <dict>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
            <true/>
        </dict>
    </dict>
</dict>

Disable ATS Completely

<key>NSAppTransportSecurity</key>
<dict>
  <!--Include to allow all connections (DANGER)-->
  <key>NSAllowsArbitraryLoads</key>
      <true/>
</dict>
like image 23
brkr Avatar answered Nov 04 '22 01:11

brkr
Sign in to Comment

Related questions

implement login screen before swrevealcontroller
UIKeyCommand is not disabled when typing into a text field (Swift)
How can I override this Swift property?
Create height array in metric and imperial for UIPickerView?
Implementing the MVC pattern
How to save a swift struct to file
Accessing FIRUser in ViewController in iOS
AWS User Pool Setup (Swift)
Swift & Firebase - How to store more user data other than email and password?
Crash when setting navigation items on UINavigationBar
Swift - scheduledTimerWithTimeInterval - NSInvocation
How to fulfill nil promise swift
iOS why system kills the app using location in background
AVPlayer seek right after it starts to play
Build realm for Swift 3 & Xcode 8
Should a `.barrier` on a concurrent queue become active immediately?
how to observer variable value changes over time in xcode
Unable to compile AWS CustomIdentityProvider on xcode 8 beta 6
"Cannot assign value of type 'Int' to type 'Uint' "
UITableViewCell Buttons with action

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!