breautek edited a comment on issue #915:
URL: https://github.com/apache/cordova-ios/issues/915#issuecomment-704695345
After reading this a second time (few months later...) I realise that my
original interpretation was completely wrong. It's not that they cannot connect
to your servers, it's that they want you to use HTTPS instead of HTTP, unless
if you have a **really** good reason why you can't use HTTPS.
The rejection is related to `NSAllowsArbitraryLoads`.
If you have this set to true, it must be limited to scope as much as
possible, with proper justification.
Some examples of acceptable justifications are:
- App must connect to a server not controlled by you and it doesn't support
secure connections.
- App loads media content that is encrypted and doesn't contain any
personalized information
- App must support connecting to devices that cannot be upgraded to use
secure connections and must be accessed using public host names.
In your case, if `{MY_DOMAIN}` is controlled by you, then you should install
TLS on it and route your app through https. If it's not controlled by you, then
you must explain that.
If you're using these settings, you must provide this information explaining
why your app cannot use secure connections by default. See [Apple
Docs](https://developer.apple.com/documentation/security/preventing_insecure_network_connections?language=objc#3138036)
for more info.
Since this isn't a bug with Cordova, I'll be close this issue. However if
you require more assistance, I'll invite you to our
[Slack](http://slack.cordova.io/).
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
