Ajax Not working in IOS 9.0 Cordova
$.ajax({
type: "GET",
url: "http://myweb/php",
success: function (data){
alert(data);
},
error:function(xhr,textStatus,err)
{
alert("readyState: " + xhr.readyState);
alert("responseText: "+ xhr.responseText);
alert("status: " + xhr.status);
alert("text status: " + textStatus);
alert("error: " + err);
}
});
And the result I get is:
readyState:0
responseText:""
status:0
text status:error
error:""
I try add header in my php, but still not working. The ajax code work before i update my xcode to 7.0 and ios simulator to 9.0.
header('Content-Type: application/json');
header('Access-Control-Allow-Origin: *');
Solution 1:
As far as i understood the whole ATS (App Transport Security - iOS 9) thing, the recommended method from area28 should not be the one you're using inside an application.
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key><true/>
</dict>
This will allow all external requests to every domain what is definitively not the way you should use it. In my opinion you should define a new <dict>
inside your info.plist
and add this code to it (to edit the info.plist
you can just use a normal text editor like sublime text etc.):
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>domain.tld</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
</dict>
</dict>
</dict>
This will only allow requests to the domain you specified. The described way is the one which apple introduced on the WWDC 2015. As you can see on the screenshot, it's the way apple want the users to use it.
If you haven't specified anything, you'll get
Failed to load webpage with error: The resource could not be loaded because the App Transport Security policy requires the use of a secure connection.
So, change it like i said and the error is gone away.
Solution 2:
If you are working in an Xcode project you may have to edit the info.plist
file. Security changed with iOS9. Apple is strongly recommending using https for web requests when possible. Here is an answer related to this issue.
From that post:
Add this to your info.plist file.
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key><true/>
</dict>
App Transport Security (ATS) enforces best practices in the secure connections between an app and its back end. ATS prevents accidental disclosure, provides secure default behavior, and is easy to adopt; it is also on by default in iOS 9 and OS X v10.11. You should adopt ATS as soon as possible, regardless of whether you’re creating a new app or updating an existing one.
If you’re developing a new app, you should use HTTPS exclusively. If you have an existing app, you should use HTTPS as much as you can right now, and create a plan for migrating the rest of your app as soon as possible. In addition, your communication through higher-level APIs needs to be encrypted using TLS version 1.2 with forward secrecy. If you try to make a connection that doesn't follow this requirement, an error is thrown. If your app needs to make a request to an insecure domain, you have to specify this domain in your app's Info.plist file.
Solution 3:
For me it was a combination of @area28's and @Sithys' answer. So I ended up adding this to my info.plist:
<dict>
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
<key>NSExceptionDomains</key>
<dict>
<key>example.domain.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
</dict>
</dict>
</dict>