Property List Key

NSAppTransportSecurity

A description of changes made to the default security for HTTP connections.

Details

Name
App Transport Security Settings
Type
dictionary

Discussion

On Apple platforms, a networking feature called App Transport Security (ATS) improves privacy and data integrity for all apps and app extensions. ATS requires that all HTTP connections made with the URL Loading System—typically using the NSURLSession class—use HTTPS. It further imposes extended security checks that supplement the default server trust evaluation prescribed by the Transport Layer Security (TLS) protocol. ATS blocks connections that fail to meet minimum security specifications. For additional details, see Preventing Insecure Network Connections.

You can circumvent or augment these protections by adding the NSAppTransportSecurity key to your app’s Information Property List file and providing an ATS configuration dictionary as the value. For example, you can:

All keys in the ATS configuration dictionary are optional, with default values that are suitable for most apps. Keys that define global exceptions apply to all network connections made by your app, except connections to domains specified in the NSExceptionDomains sub-dictionary. That sub-dictionary allows you to separately manage settings for individual domains.

Versioning

ATS operates by default for apps linked against the iOS 9.0 or macOS 10.11 SDKs or later. When you link your app against an older SDK, ATS is disabled no matter which version of operating system your app runs on.

If you specify a value for any of the global exceptions besides NSAllowsArbitraryLoads, then the ATS behavior depends on the version of the OS on which your app runs:

iOS 9.0 or macOS 10.11

ATS uses the NSAllowsArbitraryLoads value that you set, or NO by default, and ignores the other global exceptions.

iOS 10.0 or later or macOS 10.12 or later

ATS ignores the NSAllowsArbitraryLoads value that you set and instead obeys the other key or keys.

This behavior enables you to manage differences between OS versions. You provide a coarse exception (NSAllowsArbitraryLoads) for older versions, and a more targeted exception, like NSAllowsArbitraryLoadsInWebContent, for when it’s available.

Topics

Global Exceptions

property list key NSAllowsArbitraryLoads

A Boolean value indicating whether App Transport Security restrictions are disabled for all network connections.

Name: Allow Arbitrary Loads
property list key NSAllowsArbitraryLoadsForMedia

A Boolean value indicating whether all App Transport Security restrictions are disabled for requests made using the AV Foundation framework.

property list key NSAllowsArbitraryLoadsInWebContent

A Boolean value indicating whether all App Transport Security restrictions are disabled for requests made from web views.

Name: Allow Arbitrary Loads in Web Content
property list key NSAllowsLocalNetworking

A Boolean value indicating whether to allow loading of local resources.

Domain-Specific Exceptions

property list key NSExceptionDomains

Custom configurations for App Transport Security named domains.

Name: Exception Domains

See Also

Foundation

property list key NSAppleScriptEnabled

A Boolean value indicating whether AppleScript is enabled.

Name: Scriptable
property list key NSExtension

The properties of an app extension.

property list key NSHighResolutionCapable

A Boolean value indicating whether the Cocoa app supports high-resolution displays.

Name: High Resolution Capable
property list key NSHumanReadableCopyright

A human-readable copyright notice for the bundle.

Name: Copyright (human-readable)
property list key NSJavaRoot

The root directory for the app’s Java class files.

Name: Java root directory
property list key NSMainNibFile

The name of an app’s main user interface file.

Name: Main nib file base name
property list key NSMainStoryboardFile

The name of an app's storyboard resource file.

Name: Main storyboard file base name
property list key NSPrincipalClass

The name of the bundle’s main executable class.

Name: Principal class
property list key NSSupportsAutomaticGraphicsSwitching

A Boolean value indicating whether an OpenGL app may utilize the integrated GPU.

Name: Supports Automatic Graphics Switching
property list key NSSupportsPurgeableLocalStorage

A Boolean value indicating whether the app continues working if the system purges the local storage.

property list key NSDesktopFolderUsageDescription

A message that tells the user why the app needs access to the user’s Desktop folder.

Name: Privacy - Desktop Folder Usage Description
Beta
property list key NSDocumentsFolderUsageDescription

A message that tells the user why the app needs access to the user’s Documents folder.

Name: Privacy - Documents Folder Usage Description
Beta
property list key NSDownloadsFolderUsageDescription

A message that tells the user why the app needs access to the user’s Downloads folder.

Name: Privacy - Downloads Folder Usage Description
Beta
property list key NSNetworkVolumesUsageDescription

A message that tells the user why the app needs access to files on a network volume.

Name: Privacy - Network Volumes Usage Description
Beta
property list key NSRemovableVolumesUsageDescription

A message that tells the user why the app needs access to files on a removable volume.

Name: Privacy - Removable Volumes Usage Description
Beta
property list key NSFileProviderPresenceUsageDescription

A message that tells the user why the app needs to be informed when other apps access files that it manages.

Name: Privacy - File Provider Presence Usage Description
Beta
property list key NSFileProviderDomainUsageDescription

A message that tells the user why the app needs access to files managed by a file provider.

Name: Privacy - Access to a File Provider Domain Usage Description
Beta