cordova-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shazron Abdullah (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CB-11440) iOS: Remove default: disabled NSAppTransportSecurity - soon required by Apple
Date Tue, 14 Feb 2017 01:02:41 GMT

    [ https://issues.apache.org/jira/browse/CB-11440?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15864799#comment-15864799
] 

Shazron Abdullah commented on CB-11440:
---------------------------------------

[~freetz] You would just remove the wildcard in config.xml access tag and put in your own
rules. We allow everything by default for ease of first use.

> iOS: Remove default: disabled NSAppTransportSecurity - soon required by Apple 
> ------------------------------------------------------------------------------
>
>                 Key: CB-11440
>                 URL: https://issues.apache.org/jira/browse/CB-11440
>             Project: Apache Cordova
>          Issue Type: Bug
>          Components: iOS
>         Environment: cordova-ios 4.1.1
>            Reporter: Michael Schmidt
>            Assignee: Shazron Abdullah
>            Priority: Blocker
>              Labels: iOS, triaged
>
> iOS platform by default disables https:
> {code}
>     <key>NSAppTransportSecurity</key>
>     <dict>
>       <key>NSAllowsArbitraryLoads</key>
>       <true/>
>     </dict>
> {code}
> Apple soon requires HTTPS:
> "Apple mandates App Store apps support ATS security protocol by 2017"
> http://appleinsider.com/articles/16/06/14/apple-mandates-app-store-apps-support-ats-security-protocol-by-2017
> --> remove this default from cordova ios platform



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org


Mime
View raw message