Xcode7 Creating an HTTP request error

When you recently sent a request to the server to access JSON data in Xcode 7, the console printed the following error message:

load since it is insecure. Temporary exceptions can be configured via your app‘s Info.plist file.*** Terminating app due to uncaught exception ‘NSInvalidArgumentException‘, reason: ‘data parameter is nil‘

The reason for this should be that the NSData data obtained is empty, so an error occurred while calling the + Jsonobjectwithdata: method. Verify that the HTTP links are accessed normally. It was later discovered that the IOS9 application communication security policy was upgraded and no longer supported HTTP for this insecure protocol (what'sNew in IOS 9.0):

APP Transport Security

App Transport Security (ATS) enforces best practices in the secure connections between a app and its back end. ATS prevents accidental disclosure, provides secure default behavior, and is easy to adopt; It is also on by default in IOS 9 and OS X v10.11. You should adopt ATS as soon as possible, regardless of whether you ' re creating a new app or updating an existing one.

If you ' re developing a new app, you should use HTTPS exclusively. If you had an existing app, you should use HTTPS as much as can right now, and create a plan for migrating the rest O F your app as soon as possible. In addition, your communication through higher-level APIs needs to BES encrypted using TLS version 1.2 with forward secrecy . If you try to make a connection that doesn ' t follow this requirement, an error is thrown. If your app needs to make a request to the insecure domain, you have to specify this domain in your app ' s info.plist file.

As for why HTTP is not secure, HTTP is a Hypertext Transfer Protocol, the information is transmitted in clear text, and HTTPS is transmitted using the SSL encrypted transport protocol. Since the server link is not our front-end can determine, if you must send the HTTP protocol request, you can modify the current project's Info.plist file to achieve:

Method One: Use text editing Info.plist to add:

<!--回到过去不安全的HTTP网络请求，能任意进行HTTP请求 (不建议这样做, 原因见下文)--><key>NSAppTransportSecurity</key><dict> <key>NSAllowsArbitraryLoads</key> <true/></dict>

Method Two: Add in Info.plist:

The effect of the above two approaches is consistent, but not rigorous, it is recommended to have the option to allow HTTP requests (this method is the same as "mode One" above):

<Key>nsapptransportsecurity</Key><Dict><Key>nsexceptiondomains</Key><Dict><key> domain name. com</Key><Dict><!--allow sub-domain:subdomains--><Key>nsincludessubdomains</Key><True/><!--allow apps to make unsecured HTTP requests--<</key> <true/> <!--declare the supported TLS here Minimum version--<key>nstemporaryexceptionminimumtlsversion< Span class= "Hljs-tag" ></key> < String>tlsv1.1</string> </< Span class= "Hljs-title" >dict> </dict> </DICT>         

Of course, all of the above methods are based on the HTTP type of the request being accessed, and once and for all, the service side upgrades the TLS 1.2 SSL protocol using the cryptographic request HTTPS .

The server has supported TLS 1.2 SSL, but it still does not work on the iOS9, and it also needs to be adapted in the link. "That's because ATS only trusts certificates issued by well-known CAs, and the self signed certificate used by small companies will still be intercepted by ATS." For this, it is recommended to use the nsexceptiondomains given in the link and hang your company's domain name below.

Reference: Ios9adaptationtips

--xcode Version 7.0 Beta (7a120f)

Xcode7 Creating an HTTP request error