If you are using Xcode 8.0+ and Swift 2.2+ or even Objective C:

如果您使用 Xcode 8.0+ 和 Swift 2.2+ 甚至 Objective C：

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
    <key>NSExceptionDomains</key>
    <dict>
        <key>example.com</key>
        <dict>
            <key>NSExceptionAllowsInsecureHTTPLoads</key>
            <true/>
            <key>NSIncludesSubdomains</key>
            <true/>
        </dict>
    </dict>
</dict>

Use NSAppTransportSecurity:

使用 NSAppTransportSecurity：

You have to set the NSAllowsArbitraryLoadskey to YESunder NSAppTransportSecuritydictionary in your info.plist file.

您必须在 info.plist 文件中的NSAppTransportSecurity字典下将NSAllowsArbitraryLoads键设置为YES。

Here are the settings visually:

以下是视觉上的设置：

See the forum post Application Transport Security?.

请参阅论坛帖子应用程序传输安全？.

Also the page Configuring App Transport Security Exceptions in iOS 9 and OSX 10.11.

还有页面在 iOS 9 和 OSX 10.11 中配置应用程序传输安全例外。

For example, you can add a specific domain like:

例如，您可以添加特定域，例如：

<key>NSAppTransportSecurity</key>
<dict>
  <key>NSExceptionDomains</key>
  <dict>
    <key>example.com</key>
    <dict>
      <!--Include to allow subdomains-->
      <key>NSIncludesSubdomains</key>
      <true/>
      <!--Include to allow HTTP requests-->
      <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
      <true/>
      <!--Include to specify minimum TLS version-->
      <key>NSTemporaryExceptionMinimumTLSVersion</key>
      <string>TLSv1.1</string>
    </dict>
  </dict>
</dict>

The lazy option is:

懒惰的选择是：

<key>NSAppTransportSecurity</key>
<dict>
  <!--Include to allow all connections (DANGER)-->
  <key>NSAllowsArbitraryLoads</key>
      <true/>
</dict>

Note:

笔记：

info.plistis an XML file so you can place this code more or less anywhere inside the file.

info.plist是一个 XML 文件，因此您可以或多或少地将此代码放置在文件内的任何位置。

This was tested and was working on iOS 9 GM seed - this is the configuration to allow a specificdomain to use HTTP instead of HTTPS:

这已经过测试并且正在 iOS 9 GM 种子上工作 - 这是允许特定域使用 HTTP 而不是 HTTPS 的配置：

<key>NSAppTransportSecurity</key>
<dict>
      <key>NSAllowsArbitraryLoads</key> 
      <false/>
       <key>NSExceptionDomains</key>
       <dict>
            <key>example.com</key> <!--Include your domain at this line -->
            <dict>
                <key>NSIncludesSubdomains</key>
                <true/>
                <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
                <true/>
                <key>NSTemporaryExceptionMinimumTLSVersion</key>
                <string>TLSv1.1</string>
            </dict>
       </dict>
</dict>

NSAllowsArbitraryLoadsmust be false, because it disallows allinsecure connection, but the exceptions list allows connection to somedomains without HTTPS.

NSAllowsArbitraryLoadsmust be false，因为它不允许所有不安全的连接，但例外列表允许连接到一些没有 HTTPS 的域。

This is a quick workaround (but not recommended) to add this in the plist:

这是将其添加到 plist 的快速解决方法（但不推荐）：

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
</dict>

Which means (according to Apple's documentation):

这意味着（根据Apple 的文档）：

NSAllowsArbitraryLoads
A Boolean value used to disable App Transport Security for any domains not listed in the NSExceptionDomains dictionary. Listed domains use the settings specified for that domain.

The default value of NO requires the default App Transport Security behaviour for all connections.

NSAllowsArbitraryLoads
一个布尔值，用于禁用 NSExceptionDomains 字典中未列出的任何域的应用程序传输安全。列出的域使用为该域指定的设置。

默认值 NO 需要所有连接的默认应用程序传输安全行为。

I really recommend links:

我真的推荐链接：

• Apple's technical note
• WWDC 2015 session 706 (Security and Your Apps)starts around 1:50
• WWDC 2015 session 711 (Networking with NSURLSession)
• Blog post Shipping an App With App Transport Security

• 苹果的技术说明
• WWDC 2015 session 706 (Security and Your Apps)在 1:50 左右开始
• WWDC 2015 session 711（使用 NSURLSession 联网）
• 博客文章使用应用程序传输安全性发送应用程序

which help me understand reasons and all the implications.

这有助于我理解原因和所有含义。

The XML (in file Info.plist) below will:

下面的 XML（在文件 Info.plist 中）将：

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <false/>
    <key>NSExceptionDomains</key>
    <dict>
        <key>PAGE_FOR_WHICH_SETTINGS_YOU_WANT_TO_OVERRIDE</key>
        <dict>
            <key>NSExceptionAllowsInsecureHTTPLoads</key>
            <true/>
        </dict>
    </dict>
</dict>

disallow arbitrary calls for all pages, but for PAGE_FOR_WHICH_SETTINGS_YOU_WANT_TO_OVERRIDEwill allow that connections use the HTTP protocol.

禁止对所有页面进行任意调用，但 forPAGE_FOR_WHICH_SETTINGS_YOU_WANT_TO_OVERRIDE将允许该连接使用 HTTP 协议。

To the XML above you can add:

您可以在上面的 XML 中添加：

<key>NSIncludesSubdomains</key>
<true/>

if you want to allow insecure connections for the subdomains of the specified address.

如果您想允许指定地址的子域的不安全连接。

The best approach is to block all arbitrary loads (set to false) and add exceptions to allow only addresses we know are fine.

最好的方法是阻止所有任意加载（设置为 false）并添加异常以仅允许我们知道正常的地址。

For interested readers

对于感兴趣的读者

2018 Update:

2018 更新：

Apple is not recommending switching this off - more information can be found in 207 session WWDC 2018with more things explained in regards to security

Apple 不建议关闭此功能 - 可以在207 session WWDC 2018 中找到更多信息，其中有更多关于安全性的解释

Leaving the original answer for historic reasons and development phase

由于历史原因和发展阶段而留下原始答案

For those of you who want a more context on whythis is happening, in addition to how to fix it, then read below.

对于那些想要更多关于为什么会发生这种情况的上下文的人，除了如何解决它之外，请阅读下面的内容。

With the introduction of iOS 9, to improve the security of connections between an app and web services, secure connections between an app and its web service must follow best practices. The best practices behavior is enforced by the App Transport Securityto:

随着 iOS 9 的推出，为了提高应用程序和 Web 服务之间连接的安全性，应用程序与其 Web 服务之间的安全连接必须遵循最佳实践。最佳实践行为由应用传输安全强制执行以：

• prevent accidental disclosure, and
• provide a default behavior that is secure.

• 防止意外披露，以及
• 提供安全的默认行为。

As explained in the App Transport Security Technote, when communicating with your web service, App Transport Security now has the following requirements and behavior:

正如App Transport Security Technote 中所述，在与您的 Web 服务通信时，App Transport Security 现在具有以下要求和行为：

• The server must support at least Transport Layer Security (TLS) protocol version 1.2.
• Connection ciphers are limited to those that provide forward secrecy (see the list of ciphers below.)
• Certificates must be signed using a SHA256 or better signature hash algorithm, with either a 2048 bit or greater RSA key or a 256 bit or greater Elliptic-Curve (ECC) key.
• Invalid certificates result in a hard failure and no connection.

• 服务器必须至少支持传输层安全 (TLS) 协议版本 1.2。
• 连接密码仅限于提供前向保密的密码（请参阅下面的密码列表。）
• 证书必须使用 SHA256 或更好的签名哈希算法进行签名，使用 2048 位或更高的 RSA 密钥或 256 位或更高的椭圆曲线 (ECC) 密钥。
• 无效的证书会导致硬故障和无连接。

In other words, your web service request should: a.) use HTTPSand b.) be encrypted using TLS v1.2 with forward secrecy.

换句话说，您的 Web 服务请求应该：a.) 使用HTTPS和 b.) 使用具有前向保密性的 TLS v1.2 进行加密。

However, as was mentioned in other posts, you can override this new behavior from App Transport Security by specifying the insecure domain in the Info.plistof your app.

但是，正如其他帖子中提到的，您可以通过在应用程序的 中指定不安全域来覆盖应用程序传输安全性中的这一新行为Info.plist。

To override, you will need to add the NSAppTransportSecurity> NSExceptionDomainsdictionary properties to your Info.plist. Next, you will add your web service's domain to the NSExceptionDomainsdictionary.

要覆盖，您需要将NSAppTransportSecurity>NSExceptionDomains字典属性添加到您的Info.plist. 接下来，您将把您的 Web 服务的域添加到NSExceptionDomains字典中。

For example, if I want to bypass the App Transport Security behavior for a web service on the host www.yourwebservicehost.comthen I would do the following:

例如，如果我想绕过主机www.yourwebservicehost.com上的 Web 服务的应用传输安全行为，那么我将执行以下操作：

1. Open your app in Xcode.

2. Find the Info.plistfile in Project Navigator and "right-mouse" click on it and choose the Open As> Source Codemenu option. The property list file will appear in the right pane.

3. Put the following properties block inside of the main properties dictionary (under the first <dict>).

1. 在 Xcode 中打开您的应用程序。

2. Info.plist在 Project Navigator 中找到该文件并用“鼠标右键”单击它并选择Open As> Source Code菜单选项。属性列表文件将出现在右窗格中。

3. 将以下属性块放在主属性字典中（在第一个 下<dict>）。

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>www.example.com</key>
        <dict>
            <key>NSExceptionAllowsInsecureHTTPLoads</key>
            <true/>
            <key>NSExceptionMinimumTLSVersion</key>
            <string>TLSv1.1</string>
            <key>NSIncludesSubdomains</key>
            <true/>
        </dict>
    </dict>
</dict>

If you need to provide exceptions for additional domains then you would add another dictionary property beneath NSExceptionDomains.

如果您需要为其他域提供例外，那么您可以在NSExceptionDomains.

To find out more about the keys referenced above, read this already mentioned technote.

要了解有关上面引用的键的更多信息，请阅读已经提到的技术说明。

I do not like editing the plist directly. You can easily add it to the plist using the GUI:

我不喜欢直接编辑 plist。您可以使用 GUI 轻松将其添加到 plist：

• Click on the Info.plist in the Navigator on the left.

• Now change the data in the main area:

  • On the last line add the +
  • Enter the name of the group: App Transport Security Settings
  • Right click on the group and select Add Row
  • Enter Allow Arbitrary Loads
  • Set the value on the right to YES

• 单击左侧导航器中的 Info.plist。

• 现在更改主区域中的数据：

  • 在最后一行添加 +
  • 输入组名：App Transport Security Settings
  • 右键单击组并选择 Add Row
  • 输入允许任意载荷
  • 将右侧的值设置为YES

There are two solutions for this :

对此有两种解决方案：

Solutions 1 :

解决方案1：

1. In Info.plistfile add a dictionary with key 'NSAppTransportSecurity'
2. Add another element inside dictionary with key 'Allow Arbitrary Loads'

1. 在Info.plist文件中添加一个带有键 ' NSAppTransportSecurity'的字典
2. 使用键在字典中添加另一个元素 'Allow Arbitrary Loads'

Pliststructure should appear as shown in below image.

Plist结构应如下图所示。

Solution 2 :

解决方案2：

1. In Info.plistfile add a dictionary with key 'NSAppTransportSecurity'
2. Add another element inside dictionary with key 'NSExceptionDomains'
3. Add element with key 'MyDomainName.com'of type NSDictionary
4. Add element with key 'NSIncludesSubdomains' of type Booleanand value set as YES
5. Add element with key 'NSTemporaryExceptionAllowsInsecureHTTPLoads' of type Booleanand value set as YES

1. 在Info.plist文件中添加一个带有键 ' NSAppTransportSecurity'的字典
2. 使用键 ' NSExceptionDomains'在字典中添加另一个元素
3. 添加具有'MyDomainName.com'NSDictionary 类型键的元素
4. 添加NSIncludesSubdomains类型Boolean和值设置为键“ ”的元素YES
5. 添加NSTemporaryExceptionAllowsInsecureHTTPLoads类型Boolean和值设置为键“ ”的元素YES

Pliststructure should appear as shown in below image.

Plist结构应如下图所示。

Solution 2 is preferred since it allows only selected domain whereas solution 1 allows all insecure HTTP connections.

解决方案 2 是首选，因为它只允许选定的域，而解决方案 1 允许所有不安全的 HTTP 连接。

Transport security is available on iOS 9.0 or later. You may have this warning when trying to call a WS inside your application:

传输安全在 iOS 9.0 或更高版本上可用。尝试在应用程序中调用 WS 时，您可能会收到此警告：

Application Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.

应用程序传输安全已阻止明文 HTTP (http://) 资源加载，因为它不安全。可以通过应用程序的 Info.plist 文件配置临时异常。

Adding the following to your Info.plist will disable ATS:

将以下内容添加到您的 Info.plist 将禁用 ATS：

<key>NSAppTransportSecurity</key>
<dict>
     <key>NSAllowsArbitraryLoads</key><true/>
</dict>