[iOS] iOS9.0 关闭系统强制使用HTTPS
iOS9.0以后出于对请求安全的考虑默认将Foundation.framework中的HTTP请求协议更换为SSL/TLS,也就是说所有由程序发起的HTTP请求默认将请求HTTPS的内容,而且在HTTPS出现404时不会请求HTTP的内容,如果你的APP原来就使用HTTPS,基本问题不大,但是如果使用HTTP的话,就需要:
1.修改你的服务器配置,使它支持HTTPS访问
2.修改你的info.plist配置,让APP能访问普通的HTTP协议网站
否则调试程序时会在Log中出现以下提示:
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file. |
修改info.plist时,APPLE也提供了修改方法,在info.plist中增加以下内容即可
<key>NSAppTransportSecurity</key> <dict> <key>NSExceptionDomains</key> <dict> <!--your domain--> <key>lidaren.com</key> <dict> <!--Include to allow subdomains--> <key>NSIncludesSubdomains</key> <true/> <!--Include to allow insecure HTTP requests--> <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key> <true/> <!--Include to specify minimum TLS version--> <key>NSTemporaryExceptionMinimumTLSVersion</key> <string>TLSv1.1</string> </dict> </dict> </dict> |
如果你的app具有浏览器功能,可以这样改,就可以完全放开HTTP访问功能了
<key>NSAppTransportSecurity</key> <dict> <!--Connect to anything (this is probably BAD)--> <key>NSAllowsArbitraryLoads</key> <true/> </dict> |
最后附上原文链接
https://stackoverflow.com/questions/30720813/cfnetwork-sslhandshake-failed-ios-9
ajax test