[英]What is the best way of implementing App Transport Security?
I'm making a web browser and I'm in the process of finalizing the application and submitting it to the app store. 我正在制作一个网络浏览器,并且正在完成应用程序的定型并将其提交给应用程序商店。
One of the things I left for last is App Transport Security. 我最后留下的一件事是应用程序传输安全性。
I know it's forced so Developers use https:// instead of http:// but a web browser can't be limited like this. 我知道这是强制性的,因此开发人员使用https://而不是http://,但是不能限制Web浏览器。
Is there anything else I can do besides adding "NSAllowsArbitraryLoads: YES" to the info.plist file? 除了在info.plist文件中添加“ NSAllowsArbitraryLoads:是”之外,我还能做其他事情吗?
NSAllowsArbitraryLoadsForMedia
, NSAllowsArbitraryLoadsInWebContent
, NSRequiresCertificateTransparency
or NSAllowsLocalNetworking
instead of the highly insecure ArbitraryLoads: YES
. NSAllowsArbitraryLoadsForMedia
, NSAllowsArbitraryLoadsInWebContent
, NSRequiresCertificateTransparency
或NSAllowsLocalNetworking
评估,而不是使用高度不安全的ArbitraryLoads: YES
。 web browser
application, I don't see much of an alternative besides ArbitraryLoads: YES
. web browser
应用程序,除了ArbitraryLoads: YES
之外,我看不到其他很多选择。 You can consider implementing alerting the user when loading such sites.
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.