Connect to HTTPS server but ATS Issue

Question

Created May ’23

Replies 1

Boosts 0

Participants 2

When I investigated the cause of this, I noticed that it was blocked by ATS. When I changed the info.plist code as follows, it started to work.

&lt;key>NSAppTransportSecurity&lt;&#x2F;key>
&lt;dict>
   &lt;key>NSAllowsArbitraryLoads&lt;&#x2F;key>
   &lt;true&#x2F;>
   &lt;key>NSExceptionDomains&lt;&#x2F;key>
   &lt;dict>
- &lt;key>localhost&lt;&#x2F;key>
+ &lt;key>example.de&lt;&#x2F;key>
     &lt;dict>
       &lt;key>NSExceptionAllowsInsecureHTTPLoads&lt;&#x2F;key>
       &lt;true&#x2F;>
     &lt;&#x2F;dict>
   &lt;&#x2F;dict>
&lt;&#x2F;dict>

However, example.de uses HTTPS, WSS communication, and the TLS version is 1.3, using X25519, AES_256_GCM. WSS is on the same server as HTTPS and running on the same port 443. I'm using HTTPS and WSS, but I find it strange that I have to register with NSExceptionDomains.

Do you know why something is rejected by ATS? Also, if I register a domain here in NSExceptionDomains, is there a security vulnerability?

Boost

Answer 1

DTS Engineer OP

Apple

May ’23

However, example.de uses HTTPS

I’m confused. I tried to open https://example.de in Safari on my Mac and it failed with Safari can't open the page ”https://example.de” because Safari can’t establish a secure connection to the server "example.de".

OTOH, http://example.de worked just fine.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0