iOS 9 ... WebView(s) 是否不受阻止不安全 HTTP 主机的应用程序传输安全异常 (ATS) 规则的约束? [英] iOS 9 ... Are WebView(s) exempt from the App Transport Security Exceptions (ATS) rules that block insecure HTTP hosts?
问题描述
在 iOS 9 中,Apple 会阻止应用程序的不安全 HTTP 连接,除非将特定主机列入白名单.
In iOS 9, Apple is blocking insecure HTTP connections for apps, unless specific hosts are whitelisted.
http://ste.vn/2015/06/10/configuring-app-transport-security-ios-9-osx-10-11/
是否出于显而易见的原因,WebView(s) 不受这些规则的约束,还是我们仍希望将浏览器打开的主机列入白名单...包括来自给定页面的所有链接?
Are WebView(s) exempt from these rules for obvious reasons, or are we still expected to whitelist hosts that a browser opens... including all links from a given page?
我不确定这是我们的责任还是可以免除.
I wasn't sure if this was our responsibility or if that was exempt.
推荐答案
SFSafariViewController 可以在没有 NSAppTransportSecurity 密钥的情况下显示 HTTP.
SFSafariViewController can show HTTP without the NSAppTransportSecurity key.
UIWebView 和 WKWebView 需要上面提到的 NSAppTransportSecurity 密钥才能显示 HTTP 页面.
UIWebView and WKWebView require the NSAppTransportSecurity key mentioned above to display HTTP pages.
这篇关于iOS 9 ... WebView(s) 是否不受阻止不安全 HTTP 主机的应用程序传输安全异常 (ATS) 规则的约束?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
