[
https://issues.apache.org/jira/browse/CB-11440?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15864799#comment-15864799
]
Shazron Abdullah commented on CB-11440:
---------------------------------------
[~freetz] You would just remove the wildcard in config.xml access tag and put
in your own rules. We allow everything by default for ease of first use.
> iOS: Remove default: disabled NSAppTransportSecurity - soon required by Apple
> ------------------------------------------------------------------------------
>
> Key: CB-11440
> URL: https://issues.apache.org/jira/browse/CB-11440
> Project: Apache Cordova
> Issue Type: Bug
> Components: iOS
> Environment: cordova-ios 4.1.1
> Reporter: Michael Schmidt
> Assignee: Shazron Abdullah
> Priority: Blocker
> Labels: iOS, triaged
>
> iOS platform by default disables https:
> {code}
> <key>NSAppTransportSecurity</key>
> <dict>
> <key>NSAllowsArbitraryLoads</key>
> <true/>
> </dict>
> {code}
> Apple soon requires HTTPS:
> "Apple mandates App Store apps support ATS security protocol by 2017"
> http://appleinsider.com/articles/16/06/14/apple-mandates-app-store-apps-support-ats-security-protocol-by-2017
> --> remove this default from cordova ios platform
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
