Struct ExceptionDomains 

pub struct ExceptionDomains {
    pub includes_subdomains: Option<bool>,
    pub exception_allows_insecure_http_loads: Option<bool>,
    pub exception_minimum_tls_version: Option<ExceptionMinimumTlsVersion>,
    pub exception_requires_forward_secrecy: Option<bool>,
    pub requires_certificate_transparency: Option<bool>,
}

Exception Domains

Fields

includes_subdomains: Option<bool>

A Boolean value that indicates whether to extend the configuration to subdomains of the given domain.

You can include this key in any of the domain-specific dictionaries that you add to the NSExceptionDomains and NSPinnedDomains dictionaries. Adding the NSIncludesSubdomains key affects the applicability of the other configuration in the same domain-specific dictionary. The key is optional, with a default value of NO.

Set the value for this key to YES to apply the configuration for the given domain to all subdomains of the domain that have one additional path component. For example, if you set this value to YES and the domain name string is example.com, then the configuration applies to example.com, as well as math.example.com and history.example.com. However, it doesn’t apply to the subdomains advanced.math.example.com or ancient.history.example.com because those subdomains have two additional path components. If the value is NO the configuration applies only to example.com.

Availability

• iOS 9.0+
• macOS 10.11+

Framework

• Security

exception_allows_insecure_http_loads: Option<bool>

A Boolean value indicating whether to allow insecure HTTP loads.

Set the value for this key to YES to allow insecure HTTP loads for the given domain, or to be able to loosen the server trust evaluation requirements for HTTPS connections to the domain, as described in Performing Manual Server Trust Authentication.

Using this key doesn’t by itself change default server trust evaluation requirements for HTTPS connections, described in Ensure the Network Server Meets Minimum Requirements. Using only this key also doesn’t change the TLS or forward secrecy requirements imposed by ATS. As a result, you might need to combine this key with the NSExceptionMinimumTLSVersion or NSExceptionRequiresForwardSecrecy key in certain cases.

This key is optional. The default value is NO.

Important

You must supply a justification during App Store review if you set the key’s value to YES, as described in Provide Justification for Exceptions.

Availability

• iOS 9.0+
• macOS 10.11+

Framework

• Security

exception_minimum_tls_version: Option<ExceptionMinimumTlsVersion>

The minimum Transport Layer Security (TLS) version for network connections.

This key is optional. The value is a string, with a default value of TLSv1.2.

Important

You must supply a justification during App Store review if you use this key to set a protocol version lower than 1.2, as described in Provide Justification for Exceptions.

Availability

• iOS 9.0+
• macOS 10.11+

Framework

• Security

exception_requires_forward_secrecy: Option<bool>

A Boolean value indicating whether to override the perfect forward secrecy requirement.

Set the value for this key to NO to override the requirement that a server support perfect forward secrecy (PFS) for the given domain. Disabling this requirement also removes the key length check described in Ensure the Network Server Meets Minimum Requirements. However, it doesn’t impact the TLS version requirement. To control that, use NSExceptionMinimumTLSVersion.

This key is optional. The default value is YES, which limits the accepted ciphers to those that support PFS through Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange.

Availability

• iOS 9.0+
• macOS 10.11+

Framework

• Security

requires_certificate_transparency: Option<bool>

A Boolean value indicating whether to require Certificate Transparency.

Certificate Transparency (CT) is a protocol that ATS can use to identify mistakenly or maliciously issued X.509 certificates. Set the value for the NSRequiresCertificateTransparency key to YES to require that for a given domain, server certificates are supported by valid, signed CT timestamps from at least two CT logs trusted by Apple. For more information about Certificate Transparency, see RFC6962.

Unlike most other ATS exceptions, using a non-default value in this case tightens security requirements.

This key is optional. The default value is NO.

Availability

• iOS 9.0+
• macOS 10.11+

Framework

• Security

Trait Implementations

impl Clone for ExceptionDomains

fn clone(&self) -> ExceptionDomains

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for ExceptionDomains

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for ExceptionDomains

fn default() -> ExceptionDomains

Returns the “default value” for a type.

impl<'de> Deserialize<'de> for ExceptionDomains

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl PartialEq for ExceptionDomains

fn eq(&self, other: &ExceptionDomains) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for ExceptionDomains

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.

impl Eq for ExceptionDomains

impl StructuralPartialEq for ExceptionDomains