iOS9 App Transport Security Policy

Recently came across this error while trying to build an app for ios9.

The resource could not be loaded because the App Transport Security policy requires the use of a secure connection.

Easy way out is to allow all http requests and stop iOS from automatically converting to https. Here is how:

1. Navigate to the “Info” Panel in your app target.
2. Add a new key titled “NSAppTransportSecurity” with type Dictionary
3. Add a new key under the one you just created with the name “NSAllowsArbitraryLoads” with type Boolean and value YES
4. Build and rejoice… and read on

The idea is to make sure all communications secure, but there are some services that are out of your control. If you know what those are, here is a better way to handle the whitelisting.

1. Navigate to the “Info” Panel in your app target.
2. Add a new key titled “NSAppTransportSecurity” with type Dictionary
3. Add a new key under the one you just created (NSAppTransportSecurity) with the name “NSExceptionDomains” with type Dictionary
4. Add a new key to the NSExceptionsDomains with name “” with type Dictionary ( This is where you whitelist your domain )
5. Add a new key to the with name “NSIncludesSubdomains” of type Boolean and value YES
6. Add a new key to the with name “NSTemporaryExceptionAllowsInsecureHTTPLoads” of type Boolean and value YES
7. ( If you want to specify a minimum tls version ) Add a new key to the with name “NSTemporaryExceptionMinimumTLSVersion” of type String and value TLSv1.1 ( or whatever version you want )

Add more domains by redoing step 4 – 7

Here is a more detailed blog post : http://ste.vn/2015/06/10/configuring-app-transport-security-ios-9-osx-10-11/