0

Essentially I using a URL session to pull data from https://www.floridabar.org/mybarprofile/

As you can see it uses HTTPS and when visiting the site I have verified indeed it has been issued a certificate from Entrust and the cert is valid. Yet I get this error:

App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.

I know how to bypass it via Info.plist but I feel I shouldn't have to given that it is HTTPS. This is my code:

let url = URL(string: "https://www.floridabar.org/mybarprofile/\(barNumber.text!)")

    let task = URLSession.shared.dataTask(with: url!) { (data, response, error) in
        print(NSString(data: data!, encoding: String.Encoding.utf8.rawValue))
    }

    task.resume()
Hajji Daoud
  • 157
  • 1
  • 8
  • Are you aware that the page you linked to 404's? Assuming that is the root of an API, have you checked the page that your request resolves to? – dokun1 Jul 24 '17 at 13:47
  • 1
    Does this endpoint load other resources such as images, js, or css over HTTP? iOS might block endpoints that load some resources over HTTPS and others over HTTP (this is known as mixed content blocking). – paulvs Jul 24 '17 at 13:54
  • 1
    Yes I am aware that page 404s it requires a bar number to determine if it is valid (which I do have in my code below). @paulvs Does iOS blocked mixed content? So in that case is my only option to bypass App Transport Security as I have no say over that site? – Hajji Daoud Jul 24 '17 at 16:57
  • More info here: https://stackoverflow.com/q/32456848/1305067 – paulvs Jul 24 '17 at 17:03

0 Answers0