App TranSport安全性,允许在升级到IOS 10.1

时间:2016-11-09 14:12:57

标签: ios ios10 app-transport-security

您好我有一个适用于ios 9和10.0的应用程序(我已将“允许任意加载= YES”的App Transport Security阻止添加到我的info.plist。但升级到10.1和Xcode 8.1后似乎是App Transport Security的一个问题。我无法连接到服务器。我的服务器只支持TLS 1.1

显示此错误

Error Domain=NSURLErrorDomain Code=-1022 "The resource could not be loaded because the App Transport Security policy requires the use of a secure connection.

可能是IOS 10.1忽略.plist信息。有谁有这个问题?任何帮助都非常感激。谢谢(注意。在9.3到10.0仍然正常工作)

我的.plist文件

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>CFBundleDevelopmentRegion</key>
    <string>en</string>
    <key>CFBundleDisplayName</key>
    <string>SingPost</string>
    <key>CFBundleExecutable</key>
    <string>${EXECUTABLE_NAME}</string>
    <key>CFBundleIdentifier</key>
    <string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
    <key>CFBundleInfoDictionaryVersion</key>
    <string>6.0</string>
    <key>CFBundleName</key>
    <string>${PRODUCT_NAME}</string>
    <key>CFBundlePackageType</key>
    <string>APPL</string>
    <key>CFBundleShortVersionString</key>
    <string>1.8.7</string>
    <key>CFBundleSignature</key>
    <string>????</string>
    <key>CFBundleURLTypes</key>
    <array>
        <dict>
            <key>CFBundleURLSchemes</key>
            <array>
                <string>fb1540614276180366</string>
            </array>
            <key>Item 0</key>
            <string>fb1540614276180366</string>
        </dict>
    </array>
    <key>CFBundleVersion</key>
    <string>1.8.7</string>
    <key>FacebookAppID</key>
    <string>1540614276180366</string>
    <key>FacebookDisplayName</key>
    <string>Singpost</string>
    <key>LSRequiresIPhoneOS</key>
    <true/>
    <key>NSAppTransportSecurity</key>
    <dict>
        <key>NSAllowsArbitraryLoads</key>
        <true/>
        <key>NSAllowsArbitraryLoadsInWebContent</key>
        <true/>
        <key>NSExceptionDomains</key>
        <dict>
            <key>prdesb1.singpost.com</key>
            <dict>
                <key>NSIncludesSubdomains</key>
                <true/>
                <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <key>NSTemporaryExceptionMinimumTLSVersion</key>
                <string>TLSv1.1</string>
                <key>NSTemporaryExceptionRequiresForwardSecrecy</key>
                <false/>
            </dict>
            <key>mobile.singpost.com</key>
            <dict>
                <key>NSIncludesSubdomains</key>
                <true/>
                <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <key>NSTemporaryExceptionMinimumTLSVersion</key>
                <string>TLSv1.1</string>
                <key>NSTemporaryExceptionRequiresForwardSecrecy</key>
                <false/>
            </dict>
        </dict>
    </dict>
    <key>NSCameraUsageDescription</key>
    <string>$(PRODUCT_NAME) camera use</string>
    <key>NSLocationAlwaysUsageDescription</key>
    <string>    </string>
    <key>NSLocationWhenInUseUsageDescription</key>
    <string>    </string>
    <key>NSPhotoLibraryUsageDescription</key>
    <string>$(PRODUCT_NAME) uses photos</string>
    <key>UIAppFonts</key>
    <array>
        <string>OpenSans-Regular.ttf</string>
        <string>OpenSans-Bold.ttf</string>
        <string>OpenSans-Semibold.ttf</string>
        <string>OpenSans-Light.ttf</string>
        <string>OpenSans-LightItalic.ttf</string>
    </array>
    <key>UIBackgroundModes</key>
    <array>
        <string>remote-notification</string>
    </array>
    <key>UIRequiredDeviceCapabilities</key>
    <array>
        <string>armv7</string>
    </array>
    <key>UIRequiresFullScreen</key>
    <true/>
    <key>UISupportedInterfaceOrientations</key>
    <array>
        <string>UIInterfaceOrientationPortrait</string>
    </array>
    <key>UISupportedInterfaceOrientations~ipad</key>
    <array>
        <string>UIInterfaceOrientationPortrait</string>
    </array>
</dict>
</plist>

我修复了我的add exeptiondomain,但在控制台

中出现此错误 
NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802) –

根据建议进行修改。我将我的plist改为

<key>mobile.singpost.com</key>
            <dict>
                <key>NSIncludesSubdomains</key>
                <true/>
                <key>NSExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <key>NSExceptionMinimumTLSVersion</key>
                <string>TLSv1.1</string>
                <key>NSExceptionRequiresForwardSecrecy</key>
                <false/>
            </dict>
            <key>mysam.sg</key>
            <dict>
                <key>NSIncludesSubdomains</key>
                <true/>
                <key>NSExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <key>NSExceptionMinimumTLSVersion</key>
                <string>TLSv1.1</string>
                <key>NSExceptionRequiresForwardSecrecy</key>
                <false/>
            </dict>

1 个答案:

答案 0 :(得分:14)

通过指定NSAllowsArbitraryLoadsInWebContent,您将在iOS 10上覆盖NSAllowsArbitraryLoads

  

在iOS 10及更高版本以及macOS 10.12及更高版本中,如果应用的Info.plist中存在以下任何键,则 [NSAllowsArbitraryLoads]键的值将被忽略文件:

     
      
  • NSAllowsArbitraryLoadsForMedia
    •   
  • NSAllowsArbitraryLoadsInWebContent
    •   
  • NSAllowsLocalNetworking
    •   

来源:App Transport Security dictionary primary keys(Apple)

此外,您提供的NSExceptionDomain字典似乎与current documented format不匹配。具体来说,键不匹配:

  • NSTemporaryExceptionAllowsInsecureHTTPLoads NSExceptionAllowsInsecureHTTPLoads

  • NSTemporaryExceptionMinimumTLSVersion NSExceptionMinimumTLSVersion

  • NSTemporaryExceptionRequiresForwardSecrecy NSExceptionRequiresForwardSecrecy

相关问题
最新问题