Unable to load plugin list

[bosel]

After reinstalling qs following an upgrade to the latest osx release I am unable to load the plugin list (or check for updates for that matter).

log snippet:

Quicksilver[586]: Fetching plugin data from http://cdn.qsapp.com/plugins/info.php?qsversion=16403
Quicksilver[586]: App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file

• qs 1.3.1 (4013)
• osx 10.11

[Giomanach13]

I have the same problem: after reinstalling QS is unable to load the list of plugins or check for updates.

qs 1.3.1 (4013)
osx 10.11

[skurfer]

This is because of Apple’s new App Transport Security. A good thing for the most part, but we have to rethink some things. We can fix it in the next release, but you probably won’t be notified about it if the app can’t check for updates. We’ll announce it in the users’ group or you can follow along here.

[juhucoding]

for the sake of completeness, a log from console:

10.10.15 09:42:19,752 Quicksilver[7609]: Download failed! Error - http://cdn.qsapp.com/plugins/download.php?qsversion=16403&id=com.blacktree.Quicksilver.QSWebSearchPlugIn&version=590 The resource could not be loaded because the App Transport Security policy requires the use of a secure connection. http://cdn.qsapp.com/plugins/download.php?qsversion=16403&id=com.blacktree.Quicksilver.QSWebSearchPlugIn&version=590

[sobutay]

You can change the App Transport Security settings in the Info.plist to allow unsecure access for the related FQDNs as a temporary fix. More details below.

http://www.neglectedpotential.com/2015/06/working-with-apples-application-transport-security/

[fspreiss]

Same here. I just downloaded Quicksilver for the first time, but can't start using it (on OS X 10.11) because the app is unable to load the plugin list. Is there a known workaround?

[sobutay]

I've just written it above @fspreiss

[juhucoding]

to make it more clear (according to the answer from KrzysiekF at http://forum.ionicframework.com/t/nsurlsession-nsurlconnection-http-load-failed/32898/3)

the TAS can be switched off by adding

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
</dict>

to

/Applications/Quicksilver.app/Contents/Info.plist

in the line after

<plist version="1.0">

[gruenheit]

Sorry, this does not work for me; after adding those lines in /Applications/Quicksilver.app/Contents/Info.plist QS refused to start. After reverting to its former state QS started again.

[charliewilkins]

@gruenheit Move the key and dict block into the dict element. Top of the file should look like this:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>NSAppTransportSecurity</key>
  <dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
  </dict>

[gruenheit]

works fine, thanks!

[jspiro]

Might it not be most wise to unrelease the current version until fixed? It's going to cripple a lot of people and create a support load. Even when fixed they won't realize it. 1.3.1 isn't a critical release.

[pjrobertson]

The problem isn't with 1.3.1, but with El Capitan.

On 13 October 2015 at 14:11, Jono Spiro notifications@github.com wrote:

Might it not be most wise to unrelease the current version until fixed?
It's going to cripple a lot of people and create a support load. 1.3.1
isn't a critical release.

—
Reply to this email directly or view it on GitHub
#2114 (comment)
.

[jspiro]

I get that -- but Apple is getting a lot better about quick adoption rates, and this is a subtle bug. I'm not sure there's a strong argument for keeping a minor point release if it makes getting future updates impossible.

That said, the damage may already be done depending on the default setting for how frequently to check updates ;-)