Chapter 11. Security

iOS 9 didn’t change much with regard to the Security framework. A few things were added, mainly about the keychain. There are also some additions that are about Application Transport Security, or ATS. ATS is now incorporated into iOS 9, so all apps compiled with Xcode 7, linked against iOS 9, and running under iOS 9 will by default use HTTPS for all their network traffic. This is really good, and not so good. It is good because it strongly encourages the use of secure connections for everything, but sometimes it can be annoying to force using a secure connection for everything!

There are also some changes that affect the way we can store values in the keychain, but overall, not much to worry about.

11.1 Protecting Your Network Connections with ATS

Problem

You want to control the details about the HTTPS channels through which your network connections go, or use a non-secure channel (HTTP).

I do not personally suggest using non-secure connections. However, in some cases, if you are using a backend that does not provide an HTTPS variant, you will be eventually forced to go through HTTP. In this chapter, I’ll help you figure out how to do that as well.

Solution

As I said, by default, all domain names that you use in your URLs will be going through secure channels. But you can indicate specific exceptions. ATS has a dictionary key in your Info.plist file called NSAppTransportSecurity. Under that, you have another dictionary key called NSExceptionDomains. Under ...

Get iOS 9 Swift Programming Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.