App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure 解决

最新推荐文章于 2020-11-04 14:47:43 发布
原创 最新推荐文章于 2020-11-04 14:47:43 发布 · 1.3k 阅读 · 0 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
文章标签:

#xcode #插件

本文介绍如何解决Xcode7升级后使用AFNetworking插件出现的警告问题。需在Info.plist文件中添加NSAppTransportSecurity及NSAllowsArbitraryLoads配置,允许非安全连接。

做项目的时候经常会用到网络请求,因此AFNetworking这个插件可谓是非常好用,但是在升级之后,再用AFNetworking会报如下警告,表示不能对网络进行请求:

App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.

上网查了一下,说是因为xcode,说是因为AFNetworking访问的是https://,但是升级之后,Xcode默认的访问是http://,因此需要在info.list里面进行如下操作:


首先找到Supporting Files->Info.plist



然后在里面添加一个key:NSAppTransportSecurity,类型为字典类型(Xcode7之后会自动变为:App Transport Security Settings)





接着在上一个字典里面再添加一个key:NSAllowsArbitraryLoads  类型为Boolean 值设置为YES(Xcode7之后会自动变为:Allow Arbitrary Loads)



通过这样设置,那么AFNetworking的插件就可以运行在我们的Xcode7.0的版本了

App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure解决
05-10 762
选择下图所示选项: App Transport Security Settings。type改为字典 (Dictionary)值改为YES后重新编译启动问题解决。展开并点击添加号添加子项。
xcode7 “Application Transport Security has blocked a cleartext HTTP (http://) resource ”的解决
11-10 1107
Application Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file. xcode数据请求出错的解决办法
Xcode 7 App Transport Security has blocked a cleartext HTTP 报错解决办法
weixin_30822451的博客
08-21 202
Xcode 7 创建新项目用到 UIWebView 发送请求时,报下面的错:“App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app’s Info.pli...
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure
VictorZhang
10-07 1406
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file. iOS 9.0由于强制使用https  所以之前使用
App TransportSecurity has blocked a cleartext HTTP (http://)
wang_we的专栏
01-06 578
今天开发中,遇到下问题,Xcode提示如下: “App TransportSecurity has blocked a cleartext HTTP (http://) resource load since it isinsecure. Temporary exceptions can be configured via your app's Info.plistfile.” 简而言之:
Task <BDB12BD9-FB5B-401A-8726-B023A6CD4C77>.<8> finished with error [-1022] Error Domain=NSURLErrorDomain Code=-1022 "The resource could not be loaded because the App Transport Security policy requires the use of a secure connection." UserInfo={NSLocalizedDescription=The resource could not be loaded because the App Transport Security policy requires the use of a secure connection., NSErrorFailingURLStringKey=http://101.200.61.230:13000/mininggame/api/users/signin?appId=1&idType=0&idToken=F54557E3-E375-4DE7-9A08-015AF2C86BCD&timezone=Pacific/Honolulu&country=USA, NSErrorFailingURLKey=http://101.200.61.230:13000/mininggame/api/users/signin?appId=1&idType=0&idToken=F54557E3-E375-4DE7-9A08-015AF2C86BCD&timezone=Pacific/Honolulu&country=USA, _NSURLErrorRelatedURLSessionTaskErrorKey=( "LocalDataTask <BDB12BD9-FB5B-401A-8726-B023A6CD4C77>.<8>" ), _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <BDB12BD9-FB5B-401A-8726-B023A6CD4C77>.<8>, NSUnderlyingError=0x138f44840 {Error Domain=kCFErrorDomainCFNetwork Code=-1022 "(null)"}}
07-09
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file. ``` 通过分析此类日志,可以快速...
关于iOS9中的App Transport Security相关说明及适配(更新于2016.7.1)
vimfung的博客
11-07 523
@[toc](关于iOS9中的App Transport Security相关说明及适配(更新于2016.7.1)) 修订时间 内容 2016.7.1 根据苹果官方文档的修改做出文档的调整,并加入对诊断ATS的命令行工具nscurl进行说明。 2015.8.19 解决在iOS9下基于ATS对HTTP的请求的说明及适配进行说明 iOS9中新增App Transport Sec...
iOS: App Transport Security
shuai265的博客
01-23 468
编写了一个简单的Demo,其中一个界面中WebView控件需要进行网络连接,但程序运行时出错: App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure.
Keep It Simple, Stupid
11-22 5402
解决方法: 1.使用https协议请求; 2.Info.plist中增加App Transport Security Settings子项Allow Arbitrary Loads设置为YES。
iOS ATS(App Transport Security has blocked a cleartext HTTP (http://) resource load since it is i...
mazaiting的博客
01-04 140
异常日志: 2018-01-04 15:33:42.270 01NSURLConnection[532:15138] App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions c...
App Transport Security has blocked a cleartext HTTP(http://) resource load since it is insecure.
iverain的专栏
01-12 3453
使用Xcode 7创建项目,向服务器发送请求时,无法连接服务器,错误信息如下: App Transport Security has blocked a cleartext HTTP(http://) resource load since it is insecure. Temporary exceptions can be configured via your app’s In
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Te
baidu_40537062的博客
11-04 2008
iOS 发送HTTP请求报错: App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app’s Info.plist file. 原因/解决办法: iOS 的网络请求要求的安全性比较高都是https格式的,如果非要使用http格式的,就必须在info.plist文件中进行
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. 报错...
路漫漫其修远
09-23 171
在做一个网络应用时,解析json时报错 App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file. fatal error...
解决App Transport Security has blocked a cleartext HTTP (http://) resource load
xiaohuihui1225021的博客
03-14 478
前段时间赶项目去了,基本没时间来写一写基础,这次想写个网上获取图片,结果发现苹果的HTTP协议修改了,出现了 App Transport Security has blocked a cleartext HTTP (http://) resource load 错误 https://developer.apple.com/library/prerelease/ios/releasenotes
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. 问题
jiuqiaozi的专栏
02-18 417
在Info.plist文件中添加"NSAppTransportSecurity", Type为"Dictionary",再添加"NSAllowsArbitraryLoads", Type 为"Boolean",“Value”为“YES”即可。
编译问题:App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecur
逆流瞅瞅的专栏
10-25 704
今天遇到一个问题,在Xcode6.3.2 上程序运行没问题模拟器正常显示,但换到Xcode7.0.1上 会报错 错误描述: App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be conf
DOMException: Blocked a frame with origin "http://localhost:8080" from accessing a cross-origin frame.
最新发布
09-11
这是一个常见的浏览器安全错误,通常出现在你尝试从一个网页访问另一个不同源(origin)的 iframe 或 window 的时候。浏览器通过 **同源策略(Same-Origin Policy)** 来阻止这种跨域访问,以防止恶意网站窃取敏感信息。 --- ### 错误信息解释: ``` DOMException: Blocked a frame with origin "http://localhost:8080" from accessing a cross-origin frame. ``` - 你当前的网页运行在 `http://localhost:8080` - 你试图访问另一个不同源的 frame(例如嵌套的 iframe 或者通过 `window.open` 打开的窗口) - 由于两个页面的 origin(协议 + 域名 + 端口)不同,浏览器阻止了你的访问 --- ## ✅ 解决方案 ### ✅ 1. **确保同源** 最简单、最安全的方法是确保你要访问的 frame 与主页面是 **同源** 的。 ```html <!-- 确保 src 的 origin 与当前页面一致 --> <iframe id="myIframe" src="http://localhost:8080/other-page.html"></iframe> ``` ### ✅ 2. **使用 postMessage 进行跨域通信** 如果你确实需要跨域访问,可以使用 HTML5 的 `postMessage()` API 来实现安全的跨域通信。 #### 主页面代码(http://localhost:8080): ```html <iframe id="myIframe" src="http://example.com/iframe.html"></iframe> <script> const iframe = document.getElementById('myIframe'); // 向 iframe 发送消息 iframe.contentWindow.postMessage('Hello from localhost', 'http://example.com'); // 监听来自 iframe 的响应 window.addEventListener('message', function(event) { if (event.origin !== 'http://example.com') return; // 安全检查 console.log('收到消息:', event.data); }); </script> ``` #### iframe 页面代码(http://example.com/iframe.html): ```html <script> // 监听主页面发来的消息 window.addEventListener('message', function(event) { if (event.origin !== 'http://localhost:8080') return; console.log('收到主页面消息:', event.data); // 回复消息 event.source.postMessage('Hello from iframe', event.origin); }); </script> ``` ### ✅ 3. **服务器设置 CORS 头(适用于 API 通信)** 如果你是通过 iframe 页面请求 API 数据,而不是直接访问 DOM,可以在服务器端添加 CORS 头: ```http Access-Control-Allow-Origin: * ``` 或者更安全地指定允许的源: ```http Access-Control-Allow-Origin: http://localhost:8080 ``` --- ## ❌ 不推荐的做法(不安全) ### 禁用浏览器安全策略(仅限开发测试) 你可以通过启动浏览器时加上参数来禁用同源策略,**仅用于本地调试**,**不要用于生产环境**: ```bash # Chrome 示例 chrome.exe --disable-web-security --user-data-dir="C:/ChromeDevSession" ``` --- ## 🔍 常见问题排查 | 问题类型 | 检查点 | |----------|--------| | 不同域名 | `localhost` vs `127.0.0.1` | | 不同端口 | `localhost:8080` vs `localhost:3000` | | 不同协议 | `http` vs `https` | | 子域名 | `a.example.com` vs `b.example.com` | ---
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值