Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

xcode 7.0beta could not connect to development server. #1563

Closed
samfriend opened this issue Jun 9, 2015 · 26 comments
Closed

xcode 7.0beta could not connect to development server. #1563

samfriend opened this issue Jun 9, 2015 · 26 comments

Comments

@samfriend
Copy link

@samfriend samfriend commented Jun 9, 2015

Today I downloaded IOS9 and xcode7.0beta which is needed for ios9

When I try to build my existing project to both simulator and iphone. It refused to load the index.ios.bundle with msg...

'Application Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.'

How to make this 'Temporary exceptions' in info.plist file?

thank you very much

@samfriend
Copy link
Author

@samfriend samfriend commented Jun 9, 2015

Adding the following to your Info.plist will disable ATS

< key>NSAppTransportSecurity< / key>
< dict>
< key>NSAllowsArbitraryLoads< / key>< true/>
< / dict>

@samfriend samfriend closed this Jun 9, 2015
@JohnyDays
Copy link
Contributor

@JohnyDays JohnyDays commented Jun 9, 2015

I think this issue shouldn't be closed, we should probably try to make this work out of the box. Or perhaps apple should allow localhost or local ips to be loaded regardless?

@ide
Copy link
Contributor

@ide ide commented Jun 9, 2015

File a bug with Apple if you have a case for local IPs. They might already have a way to whitelist certain IPs in which case we could add localhost. I don't think weakening security for the entire app is a good default if we can avoid it.

@JohnyDays
Copy link
Contributor

@JohnyDays JohnyDays commented Jun 9, 2015

I'd imagine they implemented this to prevent naive implementations of OTA updates. But I do think it doesn't make sense for local IPs. I'm not an expert on IP addresses and other network-y things, but there's a few select ip ranges that are reserved for local networks right? Perhaps that could be automatically added to the whitelist(or atleast referenced somewhere in the docs)

@ide
Copy link
Contributor

@ide ide commented Jun 9, 2015

It has nothing to do with OTA updates. This is blocking HTTP and requiring HTTPS. An alternative solution would be for the packager to serve a self-signed certificate though I'm not sure what it would take to get the client to accept it.

@danielkramer
Copy link

@danielkramer danielkramer commented Jul 10, 2015

I've added the plist entry but it's not clearing up the error. I'm using the latest Xcode Beta released this week - Version 7.0 beta 3 (7A152u)

@sergeyu
Copy link

@sergeyu sergeyu commented Jul 10, 2015

Works for me for Version 7.0 beta 3 (7A152u)

@ide
Copy link
Contributor

@ide ide commented Jul 14, 2015

This is fixed in master (create a new project to get the changes).

@gunn
Copy link

@gunn gunn commented Jul 14, 2015

@ide
Copy link
Contributor

@ide ide commented Jul 14, 2015

You could look at the SampleApp's xcodeproj and manually port over the plist entry that's mentioned earlier in this thread.

@kbpontius
Copy link

@kbpontius kbpontius commented Jul 15, 2015

The above .plist entry worked immediately for me (on an old project ported to Swift 2).

@DIJOiGloo
Copy link

@DIJOiGloo DIJOiGloo commented Sep 30, 2015

I've added the plist entry but it's not clearing up the error. I'm using the latest Xcode Beta released this week - Version 7.1 beta (7B75) Any suggestion?

@edo1493
Copy link
Contributor

@edo1493 edo1493 commented Sep 30, 2015

I am in the same situation, which is quite annoying since I have been working on this project for the last three months. However I am not sure if the simulator doesn't pick up the new updated info.plst or that is not working.

@edo1493
Copy link
Contributor

@edo1493 edo1493 commented Sep 30, 2015

I am sorted, I was trying to change the info from xcode, but opening the file clearly showed my xml was wrong.

@DIJOiGloo
Copy link

@DIJOiGloo DIJOiGloo commented Sep 30, 2015

:)

@fatinWasta
Copy link

@fatinWasta fatinWasta commented Oct 26, 2015

using xcode 7.1 beta 3. None of the solutions are working for me. Did any one solved for xcode 7.1 beta 3?

@yychun1217
Copy link

@yychun1217 yychun1217 commented Oct 27, 2015

tried, the above solutions not working for me either. Any suggestion?

@DIJOiGloo
Copy link

@DIJOiGloo DIJOiGloo commented Oct 27, 2015

Yes I can

@DIJOiGloo
Copy link

@DIJOiGloo DIJOiGloo commented Oct 27, 2015

Am using Xcode Version 7.1 beta (7B75)

allofthenorthwood added a commit to Khan/math-facts that referenced this issue Oct 29, 2015
Summary: See: facebook/react-native#1563

Test Plan: The app now loads

Reviewers: alpert

Reviewed By: alpert

Differential Revision: https://phabricator.khanacademy.org/D22827
jssolichin added a commit to jssolichin/ReactTo36 that referenced this issue Nov 5, 2015
@niftylettuce
Copy link
Contributor

@niftylettuce niftylettuce commented Dec 8, 2015

What's the solution here? I read the app faces rejection possibility if this is in your plist.

@niftylettuce
Copy link
Contributor

@niftylettuce niftylettuce commented Dec 8, 2015

@niftylettuce
Copy link
Contributor

@niftylettuce niftylettuce commented Dec 8, 2015

Looks like the proper fix is:

    <key>NSAppTransportSecurity</key>
    <dict>
        <key>NSExceptionDomains</key>
        <dict>
            <key>localhost</key>
            <dict>
                <key>NSTemporaryExceptionAllowsInsecureHTTPSLoads</key>
                <false/>            
                <key>NSIncludesSubdomains</key>
                <true/>
                <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <key>NSTemporaryExceptionMinimumTLSVersion</key>
                <string>1.0</string>
                <key>NSTemporaryExceptionRequiresForwardSecrecy</key>
                <false/>
            </dict>
        </dict>
    </dict> 
@niftylettuce
Copy link
Contributor

@niftylettuce niftylettuce commented Dec 8, 2015

According to https://forums.developer.apple.com/thread/22710 it ignores port number too, so that won't work either (affixing :12345) to your plist definition.

@niftylettuce
Copy link
Contributor

@niftylettuce niftylettuce commented Dec 8, 2015

Aha, I fixed it, for anyone else having this issue, make sure you don't have more than one key for NSAppTransportSecurity.

@Nandulucky
Copy link

@Nandulucky Nandulucky commented Jan 22, 2016

In Info.plist file, I fixed it in Xcode 7.2, App Transport Security Settings as Dictionary and Allow Arbitrary Loads as YES.
it's working absolutely.

@bradleywhite2014
Copy link

@bradleywhite2014 bradleywhite2014 commented Feb 18, 2016

If you're using React Native, niftylettuce has the correct fix.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
You can’t perform that action at this time.