iOS9 Network API Limitation
Network API Limitation
Above iOS9, Apple added security enhancement for WebView(UIWebView, WKWebView) and any Network API, NSURLRequest …
By default, https is allowed to access any websites.
All access converts https automatically by iOS
So, we cannot use http connection and cannot see Non SSL webpage without settings.
Disable All
This is not recommendation, but if your application is web browser or something, we have no choice.
To disable this feature, we need to edit Info.plist
<key>NSAppTransportSecurity</key> <dict> <key>NSAllowsArbitraryLoads</key> <true/> </dict>
Allow everything, it’s not good for security.
Apple Details : App Transfer Security
Add exception
Add exception
<key>NSAppTransportSecurity</key> <dict> <key>NSExceptionDomains</key> <dict> <key>com</key> <dict> <key>NSIncludesSubdomains</key> <true/> <key>NSThirdPartyExceptionRequiresForwardSecrecy</key> <false/> <key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key> <true/> </dict> <key>jp</key> <dict> <key>NSIncludesSubdomains</key> <true/> <key>NSThirdPartyExceptionRequiresForwardSecrecy</key> <false/> <key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key> <true/> </dict> </dict> </dict>
Allow .jp, .com We can add domain level.