> On Dec 4, 2017, at 3:44 PM, Daniel Jalkut <jal...@red-sweater.com> wrote: > > I’ve proactively configured ATS in my app so that domains I expect to always > support HTTPS are required to use it. One of the domains I’ve configured in > this way is “wordpress.com”. > > I’m seeing a puzzling behavior in which an NSURLSession data task fails with > -1022 (NSURLErrorAppTransportSecurityRequiresSecureConnection) when I try to > load: > > http://sweatershots.wordpress.com/ > > But succeeds when I try to load: > > http://sweatertest.wordpress.com/ > > I can’t make any sense of it. The only thing to note about the failing URL > are that it was a new subdomain just registered at WordPress.com today. The > succeeding one is a URL that I have worked with from this app for a long time. > > Does the ATS system provide some kind of courtesy grandfathering for specific > subdomains? What else would explain this? > > By the way, I am setting a cache policy to ignore local cache, so I don’t > think it’s anything like that. > > Daniel
There is an exception list for ATS in the Info.plist. Would sweatertest.wordpress.com <http://sweatertest.wordpress.com/> be listed there? Unless an http URL is in the exception list, it will always fail. (See NSExceptionDomains) https://developer.apple.com/library/content/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW33 <https://developer.apple.com/library/content/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW33> Tom
_______________________________________________ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com