ios 应用传输安全阻止了明文 HTTP 资源
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/32761042/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
App Transport Security has blocked a cleartext HTTP resource
提问by Narek Simonyan
I am using Socket.IO library in swift and I keep getting this error:
我正在 swift 中使用 Socket.IO 库,但我不断收到此错误:
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.
App Transport Security 已阻止明文 HTTP (http://) 资源加载,因为它不安全。可以通过应用程序的 Info.plist 文件配置临时异常。
when I am trying to send an http request. I added the keys to plist according to the official apple documentation, but it did not help.
当我尝试发送 http 请求时。我根据苹果官方文档将密钥添加到 plist 中,但没有帮助。
回答by William Kinaan
You need to correct it like this:
你需要像这样更正它:
To make it easier, this is the correct xml in the info.plist
为方便起见,这是 info.plist 中的正确 xml
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>localhost</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
</dict>
</dict>
</dict>
change the localhostto your actual server
更改localhost为您的实际服务器
Check the table for NSAppTransportSecurity options
检查表中的 NSAppTransportSecurity 选项
If you want to all communications with any domain, you can do this:
如果您想与任何域进行所有通信,您可以这样做:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
However, you should use the latest just in the developing phase.
但是,您应该在开发阶段使用最新的。
回答by strwils
Another way to solve this, which I found more convenient, is to disable App Transport Security by default using the NSAllowsArbitraryLoadskey. So any domains you do not include in the NSExceptionDomainsdictionary (or if you don't include NSExceptionDomainsat all) will not be subject to App Transport Security.
我发现更方便的另一种解决方法是默认使用NSAllowsArbitraryLoads密钥禁用 App Transport Security 。因此,您未包含在NSExceptionDomains字典中的任何域(或者如果您根本不包含NSExceptionDomains)将不受 App Transport Security 的约束。
回答by Shanmugasundharam
Xcode project -> go to info.plist and Click + Button then Add (App Transport Security Settings)Expand, Allow Arbitrary Loads Set YES. Thanks
Xcode 项目 -> 转到 info.plist 并单击 + 按钮然后添加(应用程序传输安全设置)扩展,允许任意加载设置为 YES。谢谢
回答by rshev
I see a wrong key and a typo in your screenshot. Here is a working example:
我在您的屏幕截图中看到一个错误的键和一个错字。这是一个工作示例:
回答by figo_albarra
I'm working in xCode 8.2. It's a little different, but editing the PLIST file you need to add this two Items in the App Transport Security SettingsLine... :
我在 xCode 8.2 中工作。它有点不同,但是编辑 PLIST 文件需要在App Transport Security SettingsLine... 中添加这两个 Items :
Allow Arbitrary Loadsand Allow Arbitrary Loads in Web Content... and give them both the key YES.
Allow Arbitrary Loads和Allow Arbitrary Loads in Web Content......并把钥匙给他们YES。
It worked for me, hope this work for you and sorry for my English.
它对我有用,希望这对你有用,对我的英语感到抱歉。
回答by J.Doe
@William Kinaan has the best answer, but it would seem to make best sense to be sure to add the NSAllowsArbitraryLoadsunderneath the exception domain "localhost" ... and not at the higher NSTransportSecurity level which opens that up to all domains.
@William Kinaan 有最好的答案,但确保在异常域“localhost”下添加NSAllowsArbitraryLoads似乎是最有意义的......而不是在更高的 NSTransportSecurity 级别,这会向所有域开放。
