简体繁体 English

ios9应用程序传输安全性问题在模拟器和设备中有所不同

[英]ios9 app transport security issues different in simulator and device

原文 2015-09-13 12:28:40 1 2 ios/ ios9/ app-transport-security

upon running my app in ios9 simulator, i get app transport security related issues because some of my urls are not using https. 在ios9模拟器中运行我的应用程序后，我遇到了与应用程序传输安全相关的问题，因为我的某些网址未使用https。 I tried it in an ipad with ios9 and its working fine. 我在有ios9的ipad上尝试了它，并且工作正常。

Upon release of ios9, should I expect my live app (sdk 8) to fail on ios9 devices? 发行ios9后，我应该期望自己的实时应用程序（sdk 8）在ios9设备上失败吗？ Just making sure if late appstore updates are safe. 只要确保Appstore的最新更新是否安全即可。

Thanks! 谢谢！

2 个解决方案

Reference 参考

If you're developing a new app, you should use HTTPS exclusively. 如果要开发新的应用程序，则应专门使用HTTPS。 If you have an existing app, you should use HTTPS as much as you can right now, and create a plan for migrating the rest of your app as soon as possible. 如果你有一个现有的应用程序，你应该使用HTTPS，就像你现在就可以 ，并尽快迁移您的应用程序的其余部分创建一个计划。 In addition, your communication through higher-level APIs needs to be encrypted using TLS version 1.2 with forward secrecy. 此外，您需要使用具有前向机密性的TLS 1.2版对通过高级API的通信进行加密。 If you try to make a connection that doesn't follow this requirement, an error is thrown. 如果尝试建立不符合此要求的连接，则会引发错误。 If your app needs to make a request to an insecure domain, you have to specify this domain in your app's Info.plist file. 如果您的应用需要向不安全的域发出请求，则必须在应用的Info.plist文件中指定此域。

I have written a summary and ways to how to check Acceptability of Webservice for iOS 9's App transport security 我已经写了一个摘要以及如何检查Web服务对于iOS 9的应用程序传输安全性的可接受性的方法

https://medium.com/@Mrugraj/app-transport-security-b7910c4fc70f https://medium.com/@Mrugraj/app-transport-security-b7910c4fc70f

It have two ways 它有两种方法