We’ll be migrating to the new iOS build servers
this Sunday & this does entail one major thing you need to be aware of. With the new version of xcode http
URL’s are blocked by Apple. We
blogged about this a while back but this bares repeating as it’s something a lot of you will start running into.
To get an overview of the issue check out
this article or
the actual document from Apple.
In a nutshell http URL’s are no longer supported by Apple to facilitate proper security.
You can disable this block by using the build hintios.plistInject=<key>NSAppTransportSecurity</key><dict><key>NSAllowsArbitraryLoads</key><true/></dict>
but if you don’t have a good reason to do this Apple will reject your app and won’t let you ship your app
thru the appstore.
Be sure to update your apps!
Starting with this update our simulator will print out a warning every time you try to connect to an HTTP URL
to help you detect the cases where you do so. Hopefully this will make the migration to the new servers smoother.
Archived Comments
This post was automatically migrated from the legacy Codename One blog. The original comments are preserved below for historical context. New discussion happens in the Discussion section.
Gareth Murfin — June 16, 2016 at 5:02 pm (permalink)
Gareth Murfin says:
So HttpS will be fine right?
Shai Almog — June 17, 2016 at 3:40 am (permalink)
Shai Almog says:
That’s the goal. To force apps to use proper https sites and proper security.
I understand the logic here. In a browser you can see the lock icon on the top left and know if you are submitting to a secure website. In an app there is no such indication.
Eric Coolman — July 1, 2016 at 11:24 pm (permalink)
Eric Coolman says:
ATS minimum defaults: HTTPS + TLS 1.2 + FS
So far we haven’t been flagged for enabling arbitrary loads support with our banking apps, but I’m sure Apple will start clamping down soon.
Discussion
Join the conversation via GitHub Discussions.