Error loading web in UIWebView

Question

I'm using an UIWebView and I can't load facebook. I have to say that I'm using xcode 7 beta 2 and iOS 9.0 beta 4.

This is the error:

Error Domain=NSURLErrorDomain Code=-1022 "The resource could not be loaded because the App Transport Security policy requires the use of a secure connection."

Answer 1

So, I will answer my own question. As CSmith answered, apple wants us to use App Transport Security (ATS). But yet, as there are many people not ready, I'll show the way to avoid it. In your info.plist add the next thing:

<key>NSAppTransportSecurity</key>
<dict>
  <!--Include to allow all connections (DANGER)-->
  <key>NSAllowsArbitraryLoads</key>
  <true/>
</dict>

related: iOS 9 ... Are WebView(s) exempt from the App Transport Security Exceptions (ATS) rules that block insecure HTTP hosts?

Answer 2

In iOS 9 (and OS X 10.11) Apps shouldn't make unprotected HTTP requests so they are disabled by default. Also you should use TLS 1.2 with forward secrecy. RC4 and SHA-1 certificate signatures are disabled and keys for RSA should be at least 2048 bits long (256 bits for EC).

If you really want to use http or less secure https, you can define exceptions in your app's info.plist file.

<key>NSAppTransportSecurity</key>
<dict>
  <key>NSAllowsArbitraryLoads</key>
  <true/>
  <key>NSExceptionDomains</key>
  <dict>
    <key>yourserver.com</key>
    <dict>
      <!--Include to allow subdomains-->
      <key>NSIncludesSubdomains</key>
      <true/>
      <!--Include to allow HTTP requests-->
      <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
      <true/>
      <!--Include to specify minimum TLS version-->
      <key>NSTemporaryExceptionMinimumTLSVersion</key>
      <string>TLSv1.1</string>
    </dict>
  </dict>
</dict>