Since the release of iOS 9, a ton of stress has been put on mobile developers because of forced changes that Apple put in place. The most common problem developers are facing resides in the App Transport Security (ATS) policies that Apple now requires when accessing insecure resources external from the deployed application.
When developing a NativeScript application that calls remote web APIs or downloads remote resources, you might have run into the following error:
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.
This error isn’t a bad thing. Sure it isn’t pleasant to see in your app, but it does protect your users from exposing their sensitive information in an insecure web request. You can create an App Transport Security (ATS) policy to override this error or make exceptions to it.
To add a policy, open your Xcode info.plist file. This file can be found at platforms/ios/project_name/project_name-info.plist in your project. Of course you should replace project_name with the actual name of your project. At the bottom of your info.plist, add the following:
<key>NSAppTransportSecurity</key> <dict> <key>NSAllowsArbitraryLoads</key> <true /> </dict>
Note that the above snippet is a full override. In a production application it probably isn’t a good idea to do this. Instead, you should read the Apple documentation and add only the resources that you decide to the whitelist.
As much of a pain App Transport Security (ATS) seems in iOS 9, it is actually a positive thing for your users. With a few modifications you can make exceptions to allow communication between the application and insecure external resources.
Stay up to date on the latest in web, mobile, and game development, plus receive exclusive content by subscribing to The Polyglot Developer newsletter.