iOS 如何强制连接以独占方式使用安全连接?
How will iOS enforce connections to use a secure connection exclusively?
从 2017 年开始,Apple will require HTTPS connections for iOS apps。应用程序将强制使用基于 TLS 的 ATS 来成功建立连接。
我目前正在为客户开发网络测量工具。使用低级套接字接口,目的是通过 TCP 或 UDP 将数据包传输到网络中的服务器,以测量 WiFi 连接的速度。
由于不清楚 Apple 将如何执行他们的新规则,我们发现很难估计我们的应用程序将如何受到它们的影响。是否有关于此的更多信息?它们适用于哪些类型的连接? iOS 根据哪些特征将连接标记为不安全?
您的应用应该没问题。请参阅此线程以及来自 Apple 员工的回复:https://forums.developer.apple.com/thread/48979
相关部分:
First up, there have been no changes to the technical behaviour of ATS (other than the addition of NSAllowsArbitraryLoadsInWebContent and NSRequiresCertificateTransparency). From a technical perspective, ATS exceptions in the newly seeded OS releases work the same way as they do in the current OS release.
What has changed is that App Review will require “reasonable justification” for most ATS exceptions. The goal here is to flush out those folks who, when ATS was first released, simply turned it off globally and moved on. That will no longer be allowed.
从 2017 年开始,Apple will require HTTPS connections for iOS apps。应用程序将强制使用基于 TLS 的 ATS 来成功建立连接。
我目前正在为客户开发网络测量工具。使用低级套接字接口,目的是通过 TCP 或 UDP 将数据包传输到网络中的服务器,以测量 WiFi 连接的速度。
由于不清楚 Apple 将如何执行他们的新规则,我们发现很难估计我们的应用程序将如何受到它们的影响。是否有关于此的更多信息?它们适用于哪些类型的连接? iOS 根据哪些特征将连接标记为不安全?
您的应用应该没问题。请参阅此线程以及来自 Apple 员工的回复:https://forums.developer.apple.com/thread/48979
相关部分:
First up, there have been no changes to the technical behaviour of ATS (other than the addition of NSAllowsArbitraryLoadsInWebContent and NSRequiresCertificateTransparency). From a technical perspective, ATS exceptions in the newly seeded OS releases work the same way as they do in the current OS release. What has changed is that App Review will require “reasonable justification” for most ATS exceptions. The goal here is to flush out those folks who, when ATS was first released, simply turned it off globally and moved on. That will no longer be allowed.