0

This is my info.plist

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>https://chargepoints.dft.gov.uk</key>
        <dict>
            <key>NSExceptionAllowsInsecureHTTPLoads</key>
            <true/>
            <key>NSExceptionRequiresForwardSecrecy</key>
            <false/>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
            <true/>
            <key>NSAllowsArbitraryLoads</key>
            <true/>
        </dict>
        
    </dict>
</dict>

This is how I've tried setting the session manager on alamofire

private static var Manager: Alamofire.SessionManager = {
    
    // Create the server trust policies
    let serverTrustPolicies: [String: ServerTrustPolicy] = [
        "https://chargepoints.dft.gov.uk": .disableEvaluation
    ]
    
    // Create custom manager
    let configuration = URLSessionConfiguration.default
    configuration.httpAdditionalHeaders = Alamofire.SessionManager.defaultHTTPHeaders
    let manager = Alamofire.SessionManager(
        configuration: URLSessionConfiguration.default,
        serverTrustPolicyManager: ServerTrustPolicyManager(policies: serverTrustPolicies)
    )
    
    return manager
}()

And this is my code for doing the request

Downloader.Manager.request("https://chargepoints.dft.gov.uk/api/retrieve/registry/format/json").responseJSON { response in
        print("Request: \(String(describing: response.request))")   // original url request
        print("Response: \(String(describing: response.response))") // http url response
        print("Result: \(String(describing: response.result))")                         // response serialization result
        
        print("Error: \(String(describing: response.error))")
        
        if let json = response.result.value {
            print("JSON: \(json)") // serialized json response
        }
        
        if let data = response.data, let utf8Text = String(data: data, encoding: .utf8) {
            print("Data: \(utf8Text)") // original server data as UTF8 string
        }
    }

Oh using iOS 10.3

XCode 8.3.2

Swift 3.0

Nimantha
  • 6,405
  • 6
  • 28
  • 69
Jack Spacie
  • 15
  • 5
  • did you try "chargepoints.dft.gov.uk" instead of "https:// chargepoints.dft.gov.uk" for your server trust policy? – Simon Oct 31 '17 at 13:37
  • Thanks, yeah I have tried that to no effect – Jack Spacie Nov 01 '17 at 00:09
  • I.'ve run nscurl --ats-diagnostics https://chargepoints.dft.gov.uk/api/retrieve/registry/format/json as per this thread https://stackoverflow.com/questions/42843459/tls-v-1-1-and-tls-v-1-2-ios-issue and it fails on all of the checks which seems to indicate that disabling all the options in the plist has no effect. I think a clue is to do with this – Jack Spacie Nov 01 '17 at 02:12

2 Answers2

1

Try this

var afManager : SessionManager?

  afManager!.delegate.sessionDidReceiveChallenge = { session, challenge in
        var disposition = URLSession.AuthChallengeDisposition.performDefaultHandling

        var credential : URLCredential?

        if(challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust)
        {
            disposition = URLSession.AuthChallengeDisposition.useCredential
            credential = URLCredential(trust: challenge.protectionSpace.serverTrust!)
        }
        else

            if(challenge.previousFailureCount > 0)
            {
                disposition = URLSession.AuthChallengeDisposition.cancelAuthenticationChallenge
            }
            else
            {
                credential = self.afManager!.session.configuration.urlCredentialStorage?.defaultCredential(for: challenge.protectionSpace)
                if(credential != nil)
                {
                    disposition = URLSession.AuthChallengeDisposition.useCredential
                }

        }
        return (disposition, credential)
    }

Then make your request

  afManager?.request("YOUR-URL-HERE", method: .get).responseJSON { response in

            switch response.result {
            case .success:
                print(response.result.value)
                break
            case .failure(let error):
                print(error)
            }
        }
AdamM
  • 4,400
  • 5
  • 49
  • 95
0

For anyone who wants to know, I got around this problem but changing the Https:// to plain Http as per one of the comments on this question

Transport security has blocked a cleartext HTTP

I banged my head against the wall for days but finally got some data.

Then changing the domain to chargepoints.dft.gov.uk omitting http: or https: finally got the rules to start working.

All the best Jack

Jack Spacie
  • 15
  • 5