Cocoa Keys
Cocoa and Cocoa Touch are the environments used to define Objective-C based apps that run in OS X and iOS respectively. The keys associated with the Cocoa environments provide support for Interface Builder nib files and provide support for other user-facing features vended by your bundle.
Cocoa keys use the prefix NS to distinguish them from other keys. For information about developing Cocoa Touch apps for iOS, see App Programming Guide for iOS. For information about developing Cocoa apps for OS X, see Cocoa Fundamentals Guide.
NSAppTransportSecurity
NSAppTransportSecurity (Dictionary - iOS, OS X) Use this key to describe your app’s intended network behavior if you require exceptions from best practices for secure communication over the Internet.
Starting in iOS 9.0 and OS X v10.11, App Transport Security (ATS) is enabled as a system default behavior. It improves the privacy and data integrity of connections between an app and web services by using the Transport Layer Security (TLS) protocol version 1.2 (RFC 5246). ATS converts all HTTP requests to HTTPS (RFC 2818) automatically; attempts to connect insecurely over the Internet fail.
The APIs that provide ATS are the NSURLConnection and NSURLSession classes and the CFURLRef opaque type.
If your app uses secure network connections exclusively and those connections use best-practice networking properties, you do not need to employ the NSAppTransportSecurity key.
If you link your app against an operating system older than iOS 9.0 or OS X v10.11, ATS is not available, and you would likewise not use this key.
Table 2 shows the keys for describing your app’s intended network behavior.
NSAllowsArbitraryLoads
Boolean
An optional Boolean value that, when set to YES, disables App Transport Security (ATS) for any domains not listed in the NSExceptionDomains dictionary.
NOTE Enabling this key is intended for debugging and development purposes.
Disabling ATS allows connection regardless of HTTP or HTTPS configuration, allows connection to servers with lower TLS versions, and allows cipher suites that do not support forward secrecy (FS).
With this key set to YES, a domain listed in the NSExceptionDomains dictionary uses the settings you specify for it.
This key’s default value of NO results in default ATS behavior for all connections.
Allowing Insecure Connection to a Single Server
To use ATS generally but allow connection to a specific server that does not support the HTTPS protocol—for example, a media server that your app uses—employ the following configuration pattern in your Info.plist file:
NSAppTransportSecurity
NSExceptionDomains
“media_server.example.com”
NSExceptionAllowsInsecureHTTPLoads = YES
579
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
