iOS 13中的ATS策略是否已更改，并且“允许任意加载"现在不起作用? [英] Is ATS policy have been changed in iOS 13 and Allow Arbitrary Loads now doesn't work?

问题描述

我在plist中拥有Xcode 11 beta 3，iOS 13:

Xcode 11 beta 3, iOS 13 in plist I have:

<key>NSAllowsArbitraryLoads</key>
<true/>

所有http请求均在iOS 13之前运行.在iOS 13中，我在控制台中看到:

And all http requests work prior iOS 13. In iOS 13 I'm seeing in console:

无法启动任务< ...>.< 1>的加载，因为它不符合ATS策略任务< ...>.< 1>完成，错误为[-1022]错误Domain = NSURLErrorDomain代码= -1022无法加载资源因为应用传输安全"政策要求使用安全连接." UserInfo = {NSLocalizedDescription =资源无法由于需要使用应用程序传输安全性"策略而被加载安全连接.，

Cannot start load of Task <...>.<1> since it does not conform to ATS policy Task <...>.<1> finished with error [-1022] Error Domain=NSURLErrorDomain Code=-1022 "The resource could not be loaded because the App Transport Security policy requires the use of a secure connection." UserInfo={NSLocalizedDescription=The resource could not be loaded because the App Transport Security policy requires the use of a secure connection.,

iOS 13中的ATS策略是否已更改?我找不到任何相关信息

Is ATS policy have been changed in iOS 13? I can't find any info about it

推荐答案

根据当前的

According to the current docs it's still possible to use this key, however it's likely you'll be asked to provide some explanation during App Store review.

由于这是 beta版本，因此这可能也是工具问题，而不是明确的更改.

Since this is a beta release, it's possible that this is also an issue in tooling rather than an explicit change.

请注意:

在iOS 10和更高版本以及macOS 10.12和更高版本中，如果应用的信息属性列表"文件中存在以下任何键，则将忽略NSAllowsArbitraryLoads键的值，并使用默认值NO代替:NSAllowsArbitraryLoadsForMediaNSAllowsArbitraryLoadsInWebContentNSAllowsLocalNetworking

In iOS 10 and later and macOS 10.12 and later, the value of the NSAllowsArbitraryLoads key is ignored—and the default value of NO used instead—if any of the following keys are present in your app’s Information Property List file: NSAllowsArbitraryLoadsForMedia NSAllowsArbitraryLoadsInWebContent NSAllowsLocalNetworking

同时，您是否考虑使用NSmainExceptions作为解决方法?无论如何，最好的做法是为特定域添加例外，而不仅仅是允许整个应用程序进行不安全的加载.例外域文档供您参考

In the mean time, would you consider using NSDomainExceptions as a workaround? It's a better practice at any rate to add exceptions for a specific domain, rather than just allowing unsecured loads across your app. Exception domain docs for your reference

这篇关于iOS 13中的ATS策略是否已更改，并且“允许任意加载"现在不起作用?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！