应用程式TranSport安全性,升级至IOS 10.1后,允许任意负载不起作用 [英] App TranSport security, allow arbitrary load not working after upgrade to IOS 10.1
问题描述
我有一个在ios 9和10.0中运行良好的应用程序(我在info.plist中添加了允许任意加载= YES"的应用程序传输安全性阻止.但是在升级到10.1和Xcode 8.1之后,似乎App Transport Security出现问题.我无法连接到服务器.我的服务器最多仅支持TLS 1.1
I have an app that works fine in ios 9 and 10.0 (I have add the App Transport Security blocking with "Allow Arbitrary Loads = YES" to my info.plist. But after upgrade to 10.1 and Xcode 8.1 there seem to be a problem with the App Transport Security. I can not connect to server. My server only support up to TLS 1.1
显示此错误
Error Domain=NSURLErrorDomain Code=-1022 "The resource could not be loaded because the App Transport Security policy requires the use of a secure connection.
可能是IOS 10.1忽略了.plist信息. (请注意,在9.3至10.0上它仍然可以正常工作).
May be IOS 10.1 ignore the .plist info. (Note that on 9.3 till 10.0 it is still working fine).
我的.plist文件
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleDevelopmentRegion</key>
<string>en</string>
<key>CFBundleDisplayName</key>
<string>SingPost</string>
<key>CFBundleExecutable</key>
<string>${EXECUTABLE_NAME}</string>
<key>CFBundleIdentifier</key>
<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleName</key>
<string>${PRODUCT_NAME}</string>
<key>CFBundlePackageType</key>
<string>APPL</string>
<key>CFBundleShortVersionString</key>
<string>1.8.7</string>
<key>CFBundleSignature</key>
<string>????</string>
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleURLSchemes</key>
<array>
<string>fb1540614276180366</string>
</array>
<key>Item 0</key>
<string>fb1540614276180366</string>
</dict>
</array>
<key>CFBundleVersion</key>
<string>1.8.7</string>
<key>FacebookAppID</key>
<string>1540614276180366</string>
<key>FacebookDisplayName</key>
<string>Singpost</string>
<key>LSRequiresIPhoneOS</key>
<true/>
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
<key>NSAllowsArbitraryLoadsInWebContent</key>
<true/>
<key>NSExceptionDomains</key>
<dict>
<key>prdesb1.singpost.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
<key>NSTemporaryExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
<key>mobile.singpost.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
<key>NSTemporaryExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
</dict>
</dict>
<key>NSCameraUsageDescription</key>
<string>$(PRODUCT_NAME) camera use</string>
<key>NSLocationAlwaysUsageDescription</key>
<string> </string>
<key>NSLocationWhenInUseUsageDescription</key>
<string> </string>
<key>NSPhotoLibraryUsageDescription</key>
<string>$(PRODUCT_NAME) uses photos</string>
<key>UIAppFonts</key>
<array>
<string>OpenSans-Regular.ttf</string>
<string>OpenSans-Bold.ttf</string>
<string>OpenSans-Semibold.ttf</string>
<string>OpenSans-Light.ttf</string>
<string>OpenSans-LightItalic.ttf</string>
</array>
<key>UIBackgroundModes</key>
<array>
<string>remote-notification</string>
</array>
<key>UIRequiredDeviceCapabilities</key>
<array>
<string>armv7</string>
</array>
<key>UIRequiresFullScreen</key>
<true/>
<key>UISupportedInterfaceOrientations</key>
<array>
<string>UIInterfaceOrientationPortrait</string>
</array>
<key>UISupportedInterfaceOrientations~ipad</key>
<array>
<string>UIInterfaceOrientationPortrait</string>
</array>
</dict>
</plist>
我已修复我的添加exeptiondomain,但在控制台中出现此错误
I fix my add exeptiondomain but have this error in console
NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802) –
根据建议进行编辑.我将plist更改为
Edit from suggestion. I change my plist to
<key>mobile.singpost.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
<key>NSExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
<key>mysam.sg</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
<key>NSExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
推荐答案
通过指定NSAllowsArbitraryLoadsInWebContent
,您将在iOS 10上覆盖NSAllowsArbitraryLoads
.
By specifying NSAllowsArbitraryLoadsInWebContent
, you are overriding NSAllowsArbitraryLoads
on iOS 10.
在iOS 10和更高版本以及macOS 10.12和更高版本中,如果应用的Info.plist文件中存在以下任何键,则 [
NSAllowsArbitraryLoads
]键的值将被忽略:
In iOS 10 and later, and macOS 10.12 and later, the value of [the
NSAllowsArbitraryLoads
] key is ignored if any of the following keys are present in your app’s Info.plist file:
- NSAllowsArbitraryLoadsForMedia
- NSAllowsArbitraryLoadsInWebContent
- NSAllowsLocalNetworking
- NSAllowsArbitraryLoadsForMedia
- NSAllowsArbitraryLoadsInWebContent
- NSAllowsLocalNetworking
Source: App Transport Security dictionary primary keys (Apple)
Additionally, the NSExceptionDomain
dictionaries you have provided don't seem to match the current documented format. Specifically, the keys don't match:
-
NSTemporaryExceptionAllowsInsecureHTTPLoads
应该为NSExceptionAllowsInsecureHTTPLoads
NSTemporaryExceptionAllowsInsecureHTTPLoads
should beNSExceptionAllowsInsecureHTTPLoads
NSTemporaryExceptionMinimumTLSVersion
应该为 NSExceptionMinimumTLSVersion
NSTemporaryExceptionMinimumTLSVersion
should be NSExceptionMinimumTLSVersion
NSTemporaryExceptionRequiresForwardSecrecy
应该是 NSExceptionRequiresForwardSecrecy
NSTemporaryExceptionRequiresForwardSecrecy
should be NSExceptionRequiresForwardSecrecy
这篇关于应用程式TranSport安全性,升级至IOS 10.1后,允许任意负载不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!