Opting out the App Transport Security feature in iOS application

Question

Starting from iOS 9 sdks, apple introduced a security feature called App Transport Security which is enabled by default. The system fails when it attempts to connect to insecure HTTP. For now we have opted out this feature by setting the value of "App Transport Security Settings-Allow Arbitrary Loads” to YES in application plist.

References

1) https://developer.apple.com/videos/play/wwdc2015-711/

2) https://developer.apple.com/library/ios/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html

In my application, it uses a Media server, and the url of the server is dynamic taken as user input. In this case I cannot add exceptions to a particular server or is there a way to configure the exceptions programatically?

I couldn't find any documentation telling that the App store will not approve the app that uses App Transport Security Settings-Allow Arbitrary Loads” to YES in application plist. Is it legal to build an app with opting out the new security feature?

When I release the app, will there be any issue? http://stackoverflow.com/questions/33000277/ios-app-transport-security-issue — Govind, Feb 02 '16 at 13:29

score 1 · Answer 1 · answered Dec 23 '16 at 11:09

1

Maybe you can just set the option for NSAllowsArbitraryLoadsForMedia. It lets you opt out of ATS for media resources.

answered Dec 23 '16 at 11:09

k.young

11
1

Opting out the App Transport Security feature in iOS application

1 Answers1