Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
451 views
in Technique[技术] by (71.8m points)

ios - App Transport Security Xcode 7 beta 6

I'm currently working on Xcode 7 beta 6. I'm trying to send a "DELETE" request to http://mySubdomain.herokuapp.com

The error I receive is:

App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.
Error making API call: Error Domain=NSURLErrorDomain Code=-1022 The resource could not be loaded because the App Transport Security policy requires the use of a secure connection.
NSLocalizedDescription=The resource could not be loaded because the App Transport Security policy requires the use of a secure connection., NSUnderlyingError=0x796f7ef0 {Error Domain=kCFErrorDomainCFNetwork Code=-1022 "(null)"}}

In my actual API call I put "https" instead of "http" and that actually worked for my POST requests. But the DELETE request throws the above error.

I've seen solutions on here that involve the pList file, but none of them have worked for me. I've listed my attempts below.

First attempt:

<key>NSAppTransportSecurity</key>
<dict>
  <key>NSAllowsArbitraryLoads</key>
      <true/>
</dict>

Second try:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>herokuapp.com</key>
        <dict>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSExceptionAllowsInsecureHTTPLoads</key>
            <true/>
            <key>NSExceptionRequiresForwardSecrecy</key>
            <false/>
            <key>NSExceptionMinimumTLSVersion</key>
            <string>TLSv1.2</string>
            <key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
            <true/>
            <key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
            <false/>
            <key>NSThirdPartyExceptionMinimumTLSVersion</key>
            <string>TLSv1.2</string>
            <key>NSRequiresCertificateTransparency</key>
            <false/>
        </dict>
    </dict>
</dict>

And finally, I even put all these temporary keys in like so:

<key>NSAppTransportSecurity</key>
    <dict>
        <key>NSExceptionDomains</key>
        <dict>
            <key>herokuapp.com</key>
            <dict>
                <key>NSIncludesSubdomains</key>
                <true/>
                <key>NSTemporaryIncludesSubdomains</key>
                <true/>
                <key>NSExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <key>NSExceptionRequiresForwardSecrecy</key>
                <false/>
                <key>NSTemporaryExceptionRequiresForwardSecrecy</key>
                <false/>
                <key>NSExceptionMinimumTLSVersion</key>
                <string>TLSv1.2</string>
                <key>NSTemporaryExceptionMinimumTLSVersion</key>
                <string>TLSv1.2</string>
                <key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <key>NSTemporaryThirdPartyExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
                <false/>
                <key>NSTemporaryThirdPartyExceptionRequiresForwardSecrecy</key>
                <false/>
                <key>NSThirdPartyExceptionMinimumTLSVersion</key>
                <string>TLSv1.2</string>
                <key>NSTemporaryThirdPartyExceptionMinimumTLSVersion</key>
                <string>TLSv1.2</string>
                <key>NSRequiresCertificateTransparency</key>
                <false/>
                <key>NSTemporaryRequiresCertificateTransparency</key>
                <false/>
            </dict>
        </dict>
    </dict>

All with no luck! I always get the same error. The DELETE request is formatted correctly because when I manually do it from Postman, I get the desired result.

Here is what my actual API call method looks like, just in case there could be an issue here:

class func makeDELETEALLRequest(completion: (error:Bool) -> Void) {
        let session = NSURLSession.sharedSession()
        let url = NSURL(string:"https://mysubdomain.herokuapp.com/42kh24kh2kj2g24/clean")
        let request = NSMutableURLRequest(URL: url!)
        request.HTTPMethod = "DELETE"

        let task = session.dataTaskWithRequest(request) { (data, response, error) -> Void in

            if (error != nil) {
                print("Error making API call: (error!)")
                completion(error: true)
            } else {
                let HTTPResponse = response as! NSHTTPURLResponse
                let statusCode = HTTPResponse.statusCode
                if (statusCode == 200){
                    print("Successfully deleted!")
                    completion(error: false)
                } else {
                    print("Different status code: (statusCode)")
                    completion(error: true)
                }
            }
        }
        task.resume()
    }

Once again, I'm using Xcode 7 beta 6.

ABOUT MY SELECTED ANSWER The answer I selected as correct was right for me because I made all these changes to the wrong pList file in my project and that answer was the only one that addressed the possibility. The solutions offered by the other answers are not wrong, so any other people experiencing this issue should give them a try, since they are valid. I hope this helps anyone having similar issues.

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

I have solved it with adding some key in info.plist. As I am using objective C for some native application.

The steps I followed are:

  1. Opened my Projects info.plist file

  2. Added a Key called NSAppTransportSecurity as a Dictionary.

  3. Added a Subkey called NSAllowsArbitraryLoads as Boolean and set its value to YES as like following image.

enter image description here

Clean the Project and Now Everything is Running fine as like before.

Ref Link:

  1. https://stackoverflow.com/a/32631185/2905967

  2. https://stackoverflow.com/a/32609970


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...