[英]Disabling App Transport Security and potential down-level client breaks
In my current application I've disabled the App Transport Security (ATS) , by making the flag Allow Arbitrary Loads as YES. 在我当前的应用程序中,我已禁用App Transport Security(ATS) ,方法是将Allow Arbitrary Loads标志设置为YES。 Now I'm adopting ATS ie latest version of my application will be adopted ATS.
现在我采用ATS,即我的应用程序的最新版本将采用ATS。
My Question is for the users who are having my old version application will work after end of this year ? 我的问题是那些使用我的旧版本应用程序的用户将在今年年底之后工作吗?
Thanks in advance. 提前致谢。
If your app does not have a specific reason, you may risk rejection: 如果您的应用没有特定原因,则可能会遭到拒绝:
Setting NSAllowsArbitraryLoads
to true will allow it to work, but Apple was very clear in that they intend to reject apps who use this flag without a specific reason. 将
NSAllowsArbitraryLoads
设置为true将允许它工作,但Apple非常清楚,他们打算拒绝使用此标志的应用程序而没有特定原因。 The main reason to use NSAllowsArbitraryLoads
I can think of would be user created content (link sharing, custom web browser, etc). 使用
NSAllowsArbitraryLoads
我可以想到的是用户创建的内容(链接共享,自定义Web浏览器等)。 And in this case, Apple still expects you to include exceptions that enforce the ATS for the URLs you are in control of. 在这种情况下,Apple仍然希望您包含对您控制的URL强制执行ATS的例外情况。
If you do need access to specific URLs that are not served over TLS 1.2, you need to write specific exceptions for those domains, not use NSAllowsArbitraryLoads
set to YES
. 如果确实需要访问未通过TLS 1.2提供的特定URL,则需要为这些域编写特定的例外,而不是使用设置为
YES
NSAllowsArbitraryLoads
。 You can find more info in the NSURLSesssion
WWDC session . 您可以在
NSURLSesssion
WWDC会话中找到更多信息。
Please be careful in sharing the NSAllowsArbitraryLoads
solution. 请小心共享
NSAllowsArbitraryLoads
解决方案。 It is not the recommended fix from Apple. 这不是Apple的推荐修复。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.