iOS应用程序传输安全性:允许Info.plist中的某些IP地址

时间:2016-07-26 15:26:14

标签: ios xcode security react-native plist

安全设置似乎是正确的,但我的React Native应用程序由于某种原因没有连接到服务器(在iOS设备或模拟器上运行时都没有)。

服务器(IP地址和端口)在网络上可见,因此错误可能是由NSAppTransportSecurity内的Info.plist引起的。重新启动它没有用。

正在运行的解决方案是将NSAllowsArbitraryLoads设置为true以打开地址。据我所知,它暴露了所有IP地址,因此应该避免使用。

NSExceptionDomains似乎只能使用域名而不是IP地址。

如何打开10.10.0.16localhost IP地址并阻止所有其他地址?

应用传输安全设置:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <false/>
    <key>NSExceptionDomains</key>
    <dict>
        <key>10.10.0.16</key>
        <dict>
            <key>NSTemporaryExceptionMinimumTLSVersion</key>
            <string>TLSv1.1</string>
            <key>NSTemporaryExceptionRequiresForwardSecrecy</key>
            <false/>
            <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
            <true/>
            <key>NSIncludesSubdomains</key>
            <true/>
        </dict>
        <key>localhost</key>
        <dict>
            <key>NSTemporaryExceptionMinimumTLSVersion</key>
            <string>TLSv1.1</string>
            <key>NSTemporaryExceptionRequiresForwardSecrecy</key>
            <false/>
            <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
            <true/>
            <key>NSIncludesSubdomains</key>
            <true/>
        </dict>
    </dict>
</dict>

控制台日志:

2016-07-26 17:14:26.803 RNProject[80649:678556] NSMainNibFile and UIMainStoryboardFile are both set. NSMainNibFile ignored.
2016-07-26 17:14:26:936 RNProject[80649:678556] styleString = styleFile
2016-07-26 17:14:27.005 RNProject[80649:678837] App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.
2016-07-26 17:14:27.021 RNProject[80649:678556]  INFO: Reveal Server started (Protocol Version 25).
2016-07-26 17:14:27.035 RNProject[80649:678556] Reachability: Reachable via WiFi
2016-07-26 17:14:27.035 RNProject[80649:678556] Reach = Reachability: Reachable via WiFi
2016-07-26 17:14:27.036 [fatal][tid:main] Could not connect to development server.

Ensure the following:
- Node server is running and available on the same network - run 'npm start' from react-native root
- Node server URL is correctly set in AppDelegate

URL: http://10.10.0.16:8081/index.ios.bundle?platform=ios&dev=true

1 个答案:

答案 0 :(得分:1)

看似唯一的解决方案是在开发版本中设置<key>NSAllowsArbitraryLoads</key><true/>以加载React Native库并在发布时将其关闭。

相关问题
最新问题