iOS 9 引入 应用传输安全 (ATS) 鼓励使用安全连接.
iOS 9 introduces App Transport Security (ATS) to encourage the use of secure connections.
这很好,但是如果我的应用程序有一个内置的网络浏览器,用户应该能够使用它来连接到任何网站?例如,Facebook 应用程序允许故事包含指向外部网站的链接.当用户点击此类链接时,它不会启动 Safari,而是启动应用内浏览器.
This is great, but what if my app has a built in web browser that the user should be able to use to connect to any website? For example, the Facebook app allows stories to contain links to external websites. When the user taps such a link, rather than launching Safari, it launches an in-app browser.
如果没有启用全局 NSAllowArbitraryLoads 标志
How can I get this same behavior without enabling the global NSAllowArbitraryLoads flag?
我想要强制使用 https 的所有好处,但想在我的内部浏览器中禁用此检查.在理想情况下,Apple 将允许我在 UIWebView 上指定一个属性,以允许它加载不安全的 URL,而不是全部或全部.我无法将每个域都列入白名单,因为我不知道我的用户将加载哪些 URL.我正在寻找与 iOS 8 兼容的解决方案.
I want all the benefits of enforcing https usage, but want to disable this check in my internal browser. In an ideal world, Apple would allow me to specify a property on my UIWebView to allow it to load insecure URLs, rather than it being all or nothing. There is no way I can whitelist every single domain, since I have no idea which URLs my users will load. I'm looking for a solution that is compatible with iOS 8.
比起启用 NSAllowsArbitraryLoads
,更安全的解决方案是 有条件地使用 SFSafariViewController,它允许任意加载.
Rather than enabling NSAllowsArbitraryLoads
, a more secure solution is to conditionally use SFSafariViewController, which allows arbitrary loads.
如果该类存在,则显示它,否则,显示您自己的 UIViewController(其中包含一个 UIWebView).
If the class exists, then present it, otherwise, present your own UIViewController (which contains a UIWebView).
UIViewController *webBrowser;
if ([SFSafariViewController class] != nil) {
webBrowser = [[SFSafariViewController alloc] initWithURL:url];
} else {
webBrowser = [[ABCWebBrowserController alloc] initWithURL:url];
}
[self presentViewController:webBrowser animated:YES completion:nil];
这篇关于在 iOS 9 中为应用内浏览器禁用 ATS?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!