The resource could not be loaded because the App Transport Security policy requires the use of a secure connection

Question

I am facing the Problem when I have updated my Xcode to 7 0 or iOS 9 0  Somehow it started giving me the Titled error      The resource could not be loaded because the App Transport Security   policy requires the use of a secure connection    Webservice Method   - void ServiceCall  NSString  ServiceName   NSString   DataString   NSURLSessionConfiguration  sessionConfiguration    NSURLSessionConfiguration defaultSessionConfiguration        sessionConfiguration setAllowsCellularAccess YES        sessionConfiguration setHTTPAdditionalHeaders      Accept      application json          NSURLSession  session    NSURLSession sessionWithConfiguration sessionConfiguration        NSURL  url    NSURL URLWithString  NSString stringWithFormat       ServiceURL        NSLog   URl       url DataString          Configure the Request     NSMutableURLRequest  request    NSMutableURLRequest requestWithURL url        request setValue  NSString stringWithFormat           strSessName  strSessVal  forHTTPHeaderField   Cookie        request HTTPBody    DataString dataUsingEncoding NSUTF8StringEncoding       request HTTPMethod     Post           post the request and handle response     NSURLSessionDataTask  postDataTask    session dataTaskWithRequest request completionHandler   NSData  data  NSURLResponse  response  NSError  error                                                                                               Handle the Response                                               if error                                                                                                    NSLog        NSString stringWithFormat   Connection failed        error description                                                           Update the View                                                   dispatch async dispatch get main queue                                                                 Hide the Loader                                                        MBProgressHUD hideHUDForView   UIApplication sharedApplication  delegate  window animated YES                                                                                                             return                                                                                                NSArray   cookies     NSHTTPCookieStorage sharedHTTPCookieStorage  cookiesForURL request URL                                                 for  NSHTTPCookie   cookie in cookies                                                                                                    NSLog           cookie name  cookie value                                                     strSessName cookie name                                                    strSessVal cookie value                                                                                                  NSString  retVal     NSString alloc  initWithData data encoding NSUTF8StringEncoding        postDataTask resume        The service is Running fine for Xcode earlier versions and iOS previous versions But when I have updated to Xcode 7 0 that is on iOS 9 0  it started to give me the Problem like following when I am calling the above web service method  The Logged Error which I am getting is      Connection failed  Error Domain NSURLErrorDomain Code -1022  The   resource could not be loaded because the App Transport Security policy   requires the use of a secure connection     UserInfo  NSUnderlyingError 0x7fada0f31880  Error   Domain kCFErrorDomainCFNetwork Code -1022   null       NSErrorFailingURLStringKey MyServiceURL    NSErrorFailingURLKey MyServiceURL    NSLocalizedDescription The resource could not be loaded because the   App Transport Security policy requires the use of a secure   connection     I have tried Following Questions and answers but did not get any result there  is there any advance idea how I can remove that service call error    The resource could not be loaded is ios9 App Transport Security Xcode 7 beta 6 https   stackoverflow com a 32609970

User · Answer

If you are using Xcode 8 0 to 8 3 3 and swift 2 2 to 3 0     In my case need to change in URL http    to https      if not working then try    Add an App Transport Security Setting  Dictionary  Add a NSAppTransportSecurity  Dictionary  Add a NSExceptionDomains  Dictionary  Add a yourdomain com  Dictionary    Ex  stackoverflow com   Add Subkey named   NSIncludesSubdomains  as Boolean  YES Add Subkey named   NSExceptionAllowsInsecureHTTPLoads  as Boolean  YES

User · Answer

I have solved it with adding some key in info plist  The steps I followed are   Opened my Project target s info plist file  Added a Key called NSAppTransportSecurity as a Dictionary   Added a Subkey called NSAllowsArbitraryLoads as Boolean and set its value to YES as like following image     Clean the Project and Now Everything is Running fine as like before  Ref Link  https   stackoverflow com a 32609970 EDIT  OR In source code of info plist file we can add that   lt key gt NSAppTransportSecurity lt  key gt       lt dict gt           lt key gt NSAllowsArbitraryLoads lt  key gt           lt true  gt           lt key gt NSExceptionDomains lt  key gt           lt dict gt               lt key gt yourdomain com lt  key gt               lt dict gt                   lt key gt NSIncludesSubdomains lt  key gt                   lt true  gt                   lt key gt NSThirdPartyExceptionRequiresForwardSecrecy lt  key gt                   lt false  gt               lt  dict gt          lt  dict gt     lt  dict gt

User · Answer

I have solved this issue in the case of a self hosted parse-server using a one year signed certificate rather than the option  NSAllowsArbitraryLoads    Parse Server as any node js server presents a public https url that you have to specify  For instance   parse-server --appId  --masterKey  --publicServerURL https   your public url some nodejs  Feel free to give a look to my configuration files

User · Answer

Make sure you change the right info plist file   This is the second time I waste time on this issue  because I didn t notice that I m changing info plist under MyProjectNameUITests

User · Answer

I managed to solve this with a combination of many of the mentioned options  I   ll include a checklist of all of the things I had to do to get this to work   In short    Set NSAllowsArbitraryLoads to true for my watch extension  not my watch app   Ensure I was using https and not http      Step one   Firstly and most obviously I had to add an NSAppTransportSecurity key as a dictionary in my watch extension   s info plist with a subkey called NSAllowsArbitraryLoads as a boolean set to true  Only set this in the watch extension and not the watch app   s plist  Although take note that this allows all connections and could be insecure     or   lt key gt NSAppTransportSecurity lt  key gt   lt dict gt       lt key gt NSAllowsArbitraryLoads lt  key gt       lt true  gt   lt  dict gt      Step two   Then I had to make sure that the url I was trying to load was https and not just http  For any urls that were still http I used   Swift   let newURLString   oldURLString stringByReplacingOccurrencesOfString  http   withString   https    Obj-C   NSString  newURLString    oldURLString stringByReplacingOccurrencesOfString     http    withString     https

User · Answer

I have solved as plist file   Add a NSAppTransportSecurity   Dictionary   Add Subkey named   NSAllowsArbitraryLoads   as Boolean   YES

User · Answer

This  is Apple s way of forcing tighter security on your apis forced to use https over http   I ll explain how to remove this security setting     Most answers on here point out adding this key to your info plist   This alone did not solve this problem for me  I had to add the same key to inside  Project - gt  Targets - gt  Info - gt  Custom iOS Target Properties     This will allow insecure connections to happen from anyone however  If you want to allow only a specific domain to use make insecure connections  you can add the following to your info plist

User · Answer

You just need to use HTTPS and not HTTP in your URL and it will work

User · Answer

The resource could not be loaded because the App Transport Security policy requires the use of a secure connection working in Swift 4 03   Open your pList info as source code and paste    lt key gt NSAppTransportSecurity lt  key gt   lt dict gt       lt key gt NSAllowsArbitraryLoads lt  key gt       lt true  gt   lt  dict gt

User · Answer

For those of you developing on localhost follow these steps    Tap the     button next to Information Property List and add App Transport Security Settings and assign it a Dictionary Type Tap the     button next to the newly created App Transport Security Settings entry and add NSExceptionAllowsInsecureHTTPLoads of type Boolean and set its value to YES   Right click on NSExceptionAllowsInsecureHTTPLoads entry and click the  Shift Row Right  option to make it a child of the above entry   Tap the     button next to the NSExceptionAllowsInsecureHTTPLoads entry and add Allow Arbitrary Loads of type Boolean and set its value to YES   Note  It should in the end look something like presented in the following picture

User · Answer

If you are using Xcode 8 0 and swift 3 0 or 2 2

User · Answer

Be aware  using NSAllowsArbitraryLoads   true in the project s info plist allows all connection to any server to be insecure  If you want to make sure only a specific domain is accessible through an insecure connection  try this     Or  as source code    lt key gt NSAppTransportSecurity lt  key gt   lt dict gt       lt key gt NSExceptionDomains lt  key gt       lt dict gt           lt key gt domain com lt  key gt           lt dict gt               lt key gt NSExceptionAllowsInsecureHTTPLoads lt  key gt               lt true  gt               lt key gt NSIncludesSubdomains lt  key gt               lt true  gt           lt  dict gt       lt  dict gt   lt  dict gt    Clean  amp  Build project after editing

User · Answer

In Swift 4   You can use  - Go Info plist  -  Click plus of Information properties list  - Add App Transport Security Settings as dictionary  -  Click Plus icon App Transport Security Settings  -  Add Allow Arbitrary Loads set YES  Bellow image look like

User · Answer

Open your pList info as Source Code and at bottom just before  lt  dict gt  add following code     lt  --By Passing-- gt       lt key gt NSAppTransportSecurity lt  key gt       lt dict gt           lt key gt NSExceptionDomains lt  key gt           lt dict gt               lt key gt your domain com lt  key gt               lt dict gt                   lt key gt NSIncludesSubdomains lt  key gt                   lt true  gt                   lt key gt NSTemporaryExceptionAllowsInsecureHTTPLoads lt  key gt                   lt true  gt                   lt key gt NSTemporaryExceptionMinimumTLSVersion lt  key gt                   lt string gt 1 0 lt  string gt                   lt key gt NSTemporaryExceptionRequiresForwardSecrecy lt  key gt                   lt false  gt               lt  dict gt           lt  dict gt       lt  dict gt       lt  --End Passing-- gt    And finally change your domain com with your base Url  Thanks

User · Answer

If you are not a big fan of XML  then just add below tag in your plist file

User · Answer

For iOS 10 x and Swift 3 x  below versions are also supported  just add the following lines in  info plist    lt key gt NSAppTransportSecurity lt  key gt   lt dict gt       lt key gt NSAllowsArbitraryLoads lt  key gt       lt true  gt   lt  dict gt

User · Answer

iOS 9  may  force developers to use App Transport Security exclusively  I overheard this somewhere randomly so I don t know whether this is true myself  But I suspect it and have come to this conclusion   The app running on iOS 9 will  maybe  no longer connect to a Meteor server without SSL   This means running meteor run ios or meteor run ios-device will  probably   no longer work   In the app s info plist  NSAppTransportSecurity  Dictionary  needs to have a key NSAllowsArbitraryLoads  Boolean  to be set to YES or Meteor needs to use https for its localhost server soon

User · Answer

Transport security is provided in iOS 9 0 or later  and in OS X v10 11 and later   So by default only https calls only allowed in apps  To turn off App Transport Security add following lines in info plist file      lt key gt NSAppTransportSecurity lt  key gt     lt dict gt       lt key gt NSAllowsArbitraryLoads lt  key gt       lt true  gt     lt  dict gt    For more info  https   developer apple com library content documentation General Reference InfoPlistKeyReference Articles CocoaKeys html   apple ref doc uid TP40009251-SW33

User · Answer

In Xcode 7 1 onwards swift 2 0

User · Answer

From Apple documentation  If you   re developing a new app  you should use HTTPS exclusively  If you have an existing app  you should use HTTPS as much as you can right now  and create a plan for migrating the rest of your app as soon as possible  In addition  your communication through higher-level APIs needs to be encrypted using TLS version 1 2 with forward secrecy  If you try to make a connection that doesn t follow this requirement  an error is thrown  If your app needs to make a request to an insecure domain  you have to specify this domain in your app s Info plist file   To Bypass App Transport Security    lt key gt NSAppTransportSecurity lt  key gt   lt dict gt     lt key gt NSExceptionDomains lt  key gt     lt dict gt       lt key gt yourserver com lt  key gt       lt dict gt         lt  --Include to allow subdomains-- gt         lt key gt NSIncludesSubdomains lt  key gt         lt true  gt         lt  --Include to allow HTTP requests-- gt         lt key gt NSTemporaryExceptionAllowsInsecureHTTPLoads lt  key gt         lt true  gt         lt  --Include to specify minimum TLS version-- gt         lt key gt NSTemporaryExceptionMinimumTLSVersion lt  key gt         lt string gt TLSv1 1 lt  string gt       lt  dict gt     lt  dict gt   lt  dict gt    To allow all insecure domains   lt key gt NSAppTransportSecurity lt  key gt   lt dict gt     lt  --Include to allow all connections  DANGER -- gt     lt key gt NSAllowsArbitraryLoads lt  key gt     lt true  gt   lt  dict gt    Read More  Configuring App Transport Security Exceptions in iOS 9 and OSX 10 11

User · Answer

If you use firebase  it will add NSAllowsArbitraryLoadsInWebContent   true in the NSAppTransportSecurity section  and NSAllowsArbitraryLoads   true will not work

[ios] The resource could not be loaded because the App Transport Security policy requires the use of a secure connection

Examples related to ios

Examples related to nsurlconnection

Examples related to nsurlsession

Examples related to ios9

Examples related to xcode7