实施App Transport Security的最佳方法是什么?
[英]What is the best way of implementing App Transport Security?
问题描述
I'm making a web browser and I'm in the process of finalizing the application and submitting it to the app store. 
我正在制作一个网络浏览器,并且正在完成应用程序的定型并将其提交给应用程序商店。
One of the things I left for last is App Transport Security. 我最后留下的一件事是应用程序传输安全性。
I know it's forced so Developers use https:// instead of http:// but a web browser can't be limited like this. 我知道这是强制性的,因此开发人员使用https://而不是http://,但是不能限制Web浏览器。
Is there anything else I can do besides adding "NSAllowsArbitraryLoads: YES" to the info.plist file? 除了在info.plist文件中添加“ NSAllowsArbitraryLoads:是”之外,我还能做其他事情吗?
1 个解决方案
解决方案1
1 已采纳 2017-03-03 22:24:31
- For iOS 10+, you can evaluate using
NSAllowsArbitraryLoadsForMedia,NSAllowsArbitraryLoadsInWebContent,NSRequiresCertificateTransparencyorNSAllowsLocalNetworkinginstead of the highly insecureArbitraryLoads: YES.对于iOS 10以上版本,您可以使用NSAllowsArbitraryLoadsForMedia,NSAllowsArbitraryLoadsInWebContent,NSRequiresCertificateTransparency或NSAllowsLocalNetworking评估,而不是使用高度不安全的ArbitraryLoads: YES。 - However, for a
web browserapplication, I don't see much of an alternative besidesArbitraryLoads: YES.但是,对于web browser应用程序,除了ArbitraryLoads: YES之外,我看不到其他很多选择。 You can consider implementing alerting the user when loading such sites.您可以考虑在加载此类网站时实施警告用户。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.