App Transport Security and IP addresses in iOS9
I develop my iOS app using a local server running on my dev box. When testing on devices, I connect directly via an IP address, which is over HTTP and not HTTPS (so I don't have to deal with self-signed certs while in development, which the device wouldn't even like anyways).
I thought that this would be sufficient:
However, cannot get it to work without also adding NSAllowsArbitraryLoads = YES
, AKA this:
Now, I will have to remember to remove this when rolling a production build but not during development...arg. Should the NSExceptionDomains
work with IP addresses, and if not, is there anything else I can do without also enabling NSAllowsArbitraryLoads
?
Hard-coded IP address wont work in iOS9. I also faced the same issue. Tried all permutations & combinations of available solutions. Finally, had to use a proper domain name.
So, NO.In iOS9 you just can't get away with hard-coded IP addresses.
is there anything else I can do without also enabling
NSAllowsArbitraryLoads
?
One workaround is to use xip.io, as explained by QJeffR in this Apple Developer Forums thread (which was shared by David L in his comment):
A DNS call to (for example) 10.0.1.8.xip.io will resolve to 10.0.1.8, allowing use of the domain instead of the IP address for the
NSExceptionDomains
key.
As @PanxShaz said you can't put an hardcoded IP address but you can use an easy workaround:
-
Open your
/etc/hosts
file usingsudo
and add a new local domain name for your ip address. Example:192.168.99.100 docker-host.localhost
-
Then flush your DNS :
dscacheutil -flushcache
-
And finally use this new local domain in your app transport security exceptions.
If you are targeting iOS 10+, just set the NSAllowsLocalNetworking flag.