pub struct AppTransportSecurity {
    pub allows_arbitrary_loads: Option<bool>,
    pub allows_arbitrary_loads_for_media: Option<bool>,
    pub allows_arbitrary_loads_in_web_content: Option<bool>,
    pub allows_local_networking: Option<bool>,
    pub exception_domains: Option<ExceptionDomains>,
    pub pinned_domains: Option<PinnedDomains>,
}
App Transport Security
Fields§
§allows_arbitrary_loads: Option<bool>
A Boolean value indicating whether App Transport Security restrictions are disabled for all network connections.
Set this key’s value to YES to disable App Transport Security (ATS) restrictions for all domains not specified in the NSExceptionDomains dictionary. Domains you specify in that dictionary aren’t affected by this key’s value.
§Important
You must supply a justification during App Store review if you set the key’s value to YES, as described in Provide Justification for Exceptions. Use this key with caution because it significantly reduces the security of your app. In most cases, it’s better to upgrade your servers to meet the requirements imposed by ATS, or at least to use a narrower exception.
Disabling ATS means that unsecured HTTP connections are allowed. HTTPS connections are also allowed, and are still subject to default server trust evaluation, as described in Ensure the Network Server Meets Minimum Requirements. However, extended security checks—like requiring a minimum Transport Layer Security (TLS) protocol version—are disabled. Without ATS, you’re also free to loosen the default server trust requirements, as described in Performing Manual Server Trust Authentication.
In iOS 10 and later and macOS 10.12 and later, the value of the NSAllowsArbitraryLoads key is ignored—and the default value of NO used instead—if any of the following keys are present in your app’s Information Property List file:
- NSAllowsArbitraryLoadsForMedia
- NSAllowsArbitraryLoadsInWebContent
- NSAllowsLocalNetworking
For more information about how the OS version affects ATS behavior, see the NSAppTransportSecurity key’s Versioning section.
§Availability
- iOS 9.0+
- macOS 10.11+
§Framework
- Security
allows_arbitrary_loads_for_media: Option<bool>
A Boolean value indicating whether all App Transport Security restrictions are disabled for requests made using the AV Foundation framework.
Set this key’s value to YES to disable App Transport Security restrictions for media loaded using the AVFoundation framework, without affecting your URLSession connections. Domains you specify in the NSExceptionDomains dictionary aren’t affected by this key’s value.
Employ this key only for loading encrypted media—like files protected by FairPlay or by secure HTTP Live Streaming—that don’t contain personalized information.
In iOS 10 and later and in macOS 10.12 and later, if you include this key with any value, then App Transport Security ignores the value of the NSAllowsArbitraryLoads key, instead using that key’s default value of NO. For more information about how the OS version affects ATS behavior, see the NSAppTransportSecurity key’s Versioning section.
§Important
You must supply a justification during App Store review if you set the key’s value to YES, as described in Provide Justification for Exceptions.
§Availability
- iOS 10.0+
- macOS 10.12+
§Framework
- Security
allows_arbitrary_loads_in_web_content: Option<bool>
A Boolean value indicating whether all App Transport Security restrictions are disabled for requests made from web views.
Set this key’s value to YES to exempt your app’s web views from App Transport Security restrictions without affecting your URLSession connections. Domains you specify in the NSExceptionDomains dictionary aren’t affected by this key’s value.
A web view is an instance of any of the following classes:
- WKWebView
- UIWebView (iOS only)
- WebView (macOS only)
In iOS 10 and later and in macOS 10.12 and later, if you include this key with any value, then App Transport Security ignores the value of the NSAllowsArbitraryLoads key, instead using that key’s default value of NO. For more information about how the OS version affects ATS behavior, see the NSAppTransportSecurity key’s Versioning section.
§Important
You must supply a justification during App Store review if you set the key’s value to YES, as described in Provide Justification for Exceptions.
§Availability
- iOS 10.0+
- macOS 10.12+
§Framework
- Security
allows_local_networking: Option<bool>
A Boolean value indicating whether to allow loading of local resources.
In iOS 9 and macOS 10.11, App Transport Security (ATS) disallows connections to unqualified domains, .local domains, and IP addresses. You can add exceptions for unqualified domains and .local domains in the NSExceptionDomains dictionary, but you can’t add numerical IP addresses. Instead you use NSAllowsArbitraryLoads when you want to load directly from an IP address.
In iOS 10 and macOS 10.12 and later, ATS allows all three of these connections by default, so you no longer need an exception for any of them. However, if you need to maintain compatibility with older versions of the OS, set both of the NSAllowsArbitraryLoads and NSAllowsLocalNetworking keys to YES.
The local networking exception tells newer versions of the OS—which already allow unqualified domains, .local domains, and IP addresses—to ignore the arbitrary loads key. Meanwhile, the arbitrary loads key tells older versions of the OS, which don’t process the local networking exception key, to bypass ATS completely. This allows your app to work on different OS versions while minimizing the use of the wider exception. For more information about how global ATS exceptions interact across OS versions, see the NSAppTransportSecurity key’s Versioning section.
§Note
While ATS doesn’t block local loads by default in newer versions of the OS, consider setting NSAllowsLocalNetworking to YES as a declaration of intent, if appropriate, even if you don’t support older OS versions.
§Availability
- iOS 10.0+
- macOS 10.12+
§Framework
- Security
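The version-dependent interaction between NSAllowsArbitraryLoads and the three narrower keys, described in the fields above, can be worked through in code. This is an added example, not code from this crate: `GlobalAts`, `Exempt` and `exempt` are hypothetical names, and it assumes that iOS 9 / macOS 10.11 process only NSAllowsArbitraryLoads, since the narrower keys are listed as iOS 10.0+ / macOS 10.12+.

```rust
// Added example: a local stand-in for the four global keys, not the crate's type.
#[derive(Default)]
pub struct GlobalAts {
    pub allows_arbitrary_loads: Option<bool>,
    pub allows_arbitrary_loads_for_media: Option<bool>,
    pub allows_arbitrary_loads_in_web_content: Option<bool>,
    pub allows_local_networking: Option<bool>,
}

/// Which loads end up exempt from ATS (domains in NSExceptionDomains excluded).
#[derive(Debug, PartialEq)]
pub struct Exempt {
    pub all_connections: bool,
    pub media: bool,
    pub web_content: bool,
}

/// `modern` = iOS 10+ / macOS 10.12+; `false` = iOS 9 / macOS 10.11.
pub fn exempt(ats: &GlobalAts, modern: bool) -> Exempt {
    let arbitrary = ats.allows_arbitrary_loads.unwrap_or(false);
    if !modern {
        // Assumption: the older OS only understands NSAllowsArbitraryLoads,
        // since the three narrower keys are listed as iOS 10.0+ / macOS 10.12+.
        return Exempt { all_connections: arbitrary, media: arbitrary, web_content: arbitrary };
    }
    // Presence with *any* value (even NO) forces NSAllowsArbitraryLoads back to NO.
    let narrower_key_present = ats.allows_arbitrary_loads_for_media.is_some()
        || ats.allows_arbitrary_loads_in_web_content.is_some()
        || ats.allows_local_networking.is_some();
    let all = arbitrary && !narrower_key_present;
    Exempt {
        all_connections: all,
        media: all || ats.allows_arbitrary_loads_for_media.unwrap_or(false),
        web_content: all || ats.allows_arbitrary_loads_in_web_content.unwrap_or(false),
    }
}

fn main() {
    // Constructed input: the compatibility pattern of both keys set to YES.
    let compat = GlobalAts {
        allows_arbitrary_loads: Some(true),
        allows_local_networking: Some(true),
        ..Default::default()
    };
    println!("iOS 9:   {:?}", exempt(&compat, false));
    println!("iOS 10+: {:?}", exempt(&compat, true));
}
```

A configuration review can flag any input for which `exempt(.., true).all_connections` is true, because that is the case where ATS is fully disabled on current OS versions.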
exception_domains: Option<ExceptionDomains>
Custom App Transport Security configurations for named domains.
The value for this key is a dictionary with keys that name specific domains for which you want to set exceptions. The value for each domain key is another dictionary that indicates the exceptions for that domain.
NSExceptionDomains : Dictionary {
    <domain-name-string> : Dictionary {
        NSIncludesSubdomains : Boolean
        NSExceptionAllowsInsecureHTTPLoads : Boolean
        NSExceptionMinimumTLSVersion : String
        NSExceptionRequiresForwardSecrecy : Boolean
        NSRequiresCertificateTransparency : Boolean
    }
}
Follow these rules when setting a domain name string:
- Use lowercase. Use example.com, not EXAMPLE.COM.
- Don’t include a port number. Use example.com, not example.com:443.
- Don’t use numerical IP addresses. Don’t use 1.2.3.4. For information about how ATS handles IP addresses, see NSAllowsLocalNetworking.
- Don’t include a trailing dot, unless you only want to match a domain string with a trailing dot. For example, example.com. (with a trailing dot) matches “example.com.” but not “example.com”. Similarly, example.com matches “example.com” but not “example.com.”.
- Don’t use wildcard domains. Don’t use *.example.com. Instead, use example.com and set NSIncludesSubdomains to YES.
The values for the keys in each individual domain’s dictionary control how ATS treats connections made to that domain.
§Note
If you specify an exception domain dictionary, ATS ignores any global configuration keys, like NSAllowsArbitraryLoads, for that domain. This is true even if you leave the domain-specific dictionary empty and rely entirely on its keys’ default values.
§Availability
- iOS 9.0+
- macOS 10.11+
§Framework
- Security
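The domain name rules listed for this field lend themselves to a lint pass over the dictionary keys before an Info.plist ships; the page applies the same rules to NSPinnedDomains keys. This is an added example, not part of this crate: `Issue` and `lint_domain` are hypothetical names and the sample keys are constructed.

```rust
use std::net::IpAddr;

#[derive(Debug, PartialEq)]
pub enum Issue { NotLowercase, Wildcard, HasPort, IpAddress, TrailingDot }

/// Checks one NSExceptionDomains key against the documented naming rules.
pub fn lint_domain(name: &str) -> Vec<Issue> {
    let mut issues = Vec::new();
    if name != name.to_lowercase() {
        issues.push(Issue::NotLowercase);
    }
    if name.contains('*') {
        issues.push(Issue::Wildcard); // use the bare domain + NSIncludesSubdomains
    }
    // Split off a numeric ":port" suffix, unless the whole string is an IP
    // literal (an IPv6 address such as ::1 also contains colons).
    let host = if name.parse::<IpAddr>().is_ok() {
        name
    } else {
        match name.rsplit_once(':') {
            Some((h, p)) if !p.is_empty() && p.bytes().all(|b| b.is_ascii_digit()) => {
                issues.push(Issue::HasPort);
                h
            }
            _ => name,
        }
    };
    if host.trim_matches(|c: char| c == '[' || c == ']').parse::<IpAddr>().is_ok() {
        issues.push(Issue::IpAddress);
    }
    if name.ends_with('.') {
        issues.push(Issue::TrailingDot); // only matches hosts written with the dot
    }
    issues
}

fn main() {
    // Constructed sample keys, one per rule plus a clean one.
    for key in ["example.com", "EXAMPLE.COM", "example.com:443", "1.2.3.4",
                "*.example.com", "example.com.", "1.2.3.4:443"] {
        println!("{:?} -> {:?}", key, lint_domain(key));
    }
}
```

A key that fails these rules does not match the host the app actually connects to, so the exception the developer intended is not the one in effect.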
pinned_domains: Option<PinnedDomains>
A collection of certificates that App Transport Security expects when connecting to named domains.
The value for this optional key is a dictionary with keys that specify the domain names for which you want to set the expected certificates. The value for each domain name key is another dictionary that configures the expected certificates for that domain.
NSPinnedDomains : Dictionary {
    <domain-name-string> : Dictionary {
        NSIncludesSubdomains : Boolean
        NSPinnedCAIdentities : Array
        NSPinnedLeafIdentities : Array
    }
}
For any domain that you specify, you must include one or more expected Certificate Authority (CA) or sub-CA certificates as the value for the NSPinnedCAIdentities key, one or more expected leaf certificates as the value for the NSPinnedLeafIdentities key, or both. If you specify both, App Transport Security (ATS) requires a match in each category.
To specify a domain name string, follow the rules for domain names given in NSExceptionDomains. You can also extend the pinning to cover subdomains by setting the value for the NSIncludesSubdomains key to YES.
Pinning a certificate for a given domain has no impact on other security requirements or configuration. For example, pinning a CA certificate doesn’t change the way the system evaluates that certificate’s suitability as an anchor certificate. For information about securing network connections, see Preventing Insecure Network Connections.
§Availability
- iOS 14.0+
- macOS 11.0+
§Framework
- Security
Trait Implementations§
impl Clone for AppTransportSecurity
    fn clone(&self) -> AppTransportSecurity
    fn clone_from(&mut self, source: &Self)
impl Debug for AppTransportSecurity
impl Default for AppTransportSecurity
    fn default() -> AppTransportSecurity
impl<'de> Deserialize<'de> for AppTransportSecurity
    fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
    where
        __D: Deserializer<'de>,
impl PartialEq for AppTransportSecurity
impl Serialize for AppTransportSecurity
impl Eq for AppTransportSecurity
impl StructuralPartialEq for AppTransportSecurity
Auto Trait Implementations§
impl Freeze for AppTransportSecurity
impl RefUnwindSafe for AppTransportSecurity
impl Send for AppTransportSecurity
impl Sync for AppTransportSecurity
impl Unpin for AppTransportSecurity
impl UnwindSafe for AppTransportSecurity
Blanket Implementations§
impl<T> BorrowMut<T> for T
where
    T: ?Sized,
    fn borrow_mut(&mut self) -> &mut T
impl<T> CloneToUninit for T
where
    T: Clone,
impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
    fn equivalent(&self, key: &K) -> bool
key and return true if they are equal.