I am using the url for request token from xing in my ios app. If I am using NSAppTransportSecurity exception, then the link is working. But when I remove it is showing ATS error even though the url is https.
Xing API SSL error
97 Views Asked by user2885077 At
1
There are 1 best solutions below
Related Questions in IOS
- Overlapping UICollectionView in storyboard
- Cannot pod spec lint because of undeclared type errors
- Is the transactionReceipt data present in dataWithContentsOfURL?
- UIWebView Screen Fitting Issue
- ZXingObjC encoding issues
- iOS: None of the valid provisioning profiles allowed the specific entitlements
- How to hide "Now playing url" in control center
- CloudKit: Preventing Duplicate Records
- Slow performance on ipad erasing image
- Swift code with multiple NSDateFormatter - optimization
- iOS 8.3 Safari crashes on input type=file
- TTTTimeIntervalFormatter always returns strings in English
- How do I add multiple in app purchases in Swift Spritekit?
- Setup code for xibs in iOS. -awakFromNb:
- iOS Voice Over only reads out the title of any alert views
Related Questions in SSL
- How to Fix TLS CBC Incorrect Padding Abuse Vulnerability on Windows 2003 Server
- SSL: Error parsing the certificate: Ok
- PHP mysqlnd sha256_password plugin "Access denied", user works from cli mysql
- CFNetwork SSLHandshake failed iOS 9
- Java does not accept 2 methods with same name
- Expected Compatibility Issues with upcoming TLS/SSL Cipher Suite update on Azure WebApps?
- python requests SSLError
- Connecting via mutual SSL fails reading incoming changeCipherSpec
- HTTP to HTTPS mapping using proxy servers
- Ruby on Windows XP: How to change directory of SSL certificates
- KeyStore file is not found in jar, although present in jar
- How do I accept a self-signed SSL certificate using iOS 7's NSURLSession
- Chef remote_file from https site with self signed certificate
- Meteor force-ssl on a staging system without ssl cert?
- Use python SSL to download google.com.au page
Related Questions in APP-TRANSPORT-SECURITY
- How do I load an HTTP URL with App Transport Security enabled in iOS 9?
- kCFStreamErrorDomainSSL, -9802 when connecting to a server by IP address through HTTPS in iOS 9
- Api Call Error in Xcode 7 / iOS 9 (how to setup App Transport Security in plist)
- iOS 9 ... Are WebView(s) exempt from the App Transport Security Exceptions (ATS) rules that block insecure HTTP hosts?
- iOS app API calls blocked by App Transport Security
- why sdwebimage can't download image while my api works fine with https?
- iOS ATS configuration for handling internal redirects to HTTP connection
- Different behaviour NSAllowsArbitraryLoadsInWebContent IOS 10.1 and 10.2
- WKWebView http -> https redirection for iOS 10 ATS Compliance
- POST request error: NSURLConnection HTTP load failed iOS 10
- Accessing local ip address using xcode
- Xing API SSL error
- JSONSerialisation API different url not working
- iOS ATS - How does it work, and how do so many apps ignore it
- App Transport Security (ATT) shown only once on iOS 17
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
It looks like the api.xing.com server does not support forward secrecy (see here), one of the requirements for ATS. Fortunately, you can add a domain exception for the xing.com domain, with the
NSIncludesSubdomainskey set to YES, and theNSThirdPartyExceptionRequiresForwardSecrecykey set to NO as shown here:This should solve the problem, and shouldn't cause problems with Apple when you submit, because the Forward Secrecy exception is one of the ones that will not trigger the need for additional justification when Apple starts enforcing stricter ATS requirements this year (the deadline was originally 12/31/2016, but Apple has extended the deadline to some future unknown date)