[ 
https://issues.apache.org/jira/browse/CB-11440?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15506937#comment-15506937
 ] 

jcesarmobile commented on CB-11440:
-----------------------------------

NSAllowsArbitraryLoads is added because the default template has the <access 
origin="*" /> on the config.xml

So, the solution for this issue is to remove the <access origin="*" /> from the 
template? and maybe document that Apple will reject your app if you use the 
<access origin="*" />?

> iOS: Remove default: disabled NSAppTransportSecurity - soon required by Apple 
> ------------------------------------------------------------------------------
>
>                 Key: CB-11440
>                 URL: https://issues.apache.org/jira/browse/CB-11440
>             Project: Apache Cordova
>          Issue Type: Bug
>          Components: iOS
>         Environment: cordova-ios 4.1.1
>            Reporter: Michael Schmidt
>            Assignee: Shazron Abdullah
>            Priority: Blocker
>              Labels: iOS, triaged
>
> iOS platform by default disables https:
> {code}
>     <key>NSAppTransportSecurity</key>
>     <dict>
>       <key>NSAllowsArbitraryLoads</key>
>       <true/>
>     </dict>
> {code}
> Apple soon requires HTTPS:
> "Apple mandates App Store apps support ATS security protocol by 2017"
> http://appleinsider.com/articles/16/06/14/apple-mandates-app-store-apps-support-ats-security-protocol-by-2017
> --> remove this default from cordova ios platform



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@cordova.apache.org
For additional commands, e-mail: issues-h...@cordova.apache.org

Reply via email to