Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
iOS 9 AFHTTPRequestOperation failure #2779
In iOS 8, the below code works (in Sim and Device) with the latest version of AFNetworking. In iOS 9, the below code fails with AFHTTPRequestOperation returning the following error in the failure block (in Sim and Device):
Error Domain=NSURLErrorDomain Code=-1012 "The operation couldn’t be completed. (NSURLErrorDomain error -1012.)"
__weak __typeof(self)weakSelf = self;
Found the answer:
From Apple documentation:
ATS prevents accidental disclosure, provides secure default behavior, and is easy to adopt. You should adopt ATS as soon as possible, regardless of whether you’re creating a new app or updating an existing one. If you’re developing a new app, you should use HTTPS exclusively. If you have an existing app, you should use HTTPS as much as you can right now, and create a plan for migrating the rest of your app as soon as possible.
In beta 1, currently there is no way to define this in info.plist. Solution is to add it manually:
I was able to reproduce the problem. Using @kross50's solution I was able to fix it. I just added an exception in my info.plist with the domain I was using and it worked normally.
<key>NSAppTransportSecurity</key> <dict> <key>NSExceptionDomains</key> <dict> <key>yourserver.com</key> <dict> <!--Include to allow subdomains--> <key>NSIncludesSubdomains</key> <true/> <!--Include to allow HTTP requests--> <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key> <true/> <!--Include to specify minimum TLS version--> <key>NSTemporaryExceptionMinimumTLSVersion</key> <string>TLSv1.1</string> </dict> </dict> </dict>
So, it's not a bug, just new iOS default behaviour. A better error message would've been great though, but... first beta.
(By the way, thanks a lot for posting the answer you found, @kross50!)
Always glad to help... in addition to the above domain-by-domain exception fix... it's also worth noting for views that devs can alternatively just put in a blanket exception with the following in their app's info.plist that covers any http call to any domain [if the first option is not viable because of not knowing up-front which domains will need exceptions]:
I want to make sure everyone fully understands this behavior. I spent some time in the labs last week at WWDC, and got the following information.
If you do need access to specific URLs that are not served over TLS 1.2, you need to write specific exceptions for those domains, not use
Please be careful in sharing the