iOS Development--adaptation chapter &IOS9 adaptation

iOS9 Adaptation1. Demo1_ios9 Network adapter _ats: Switch to more secure HTTPS

[Abstract]IOS9 changes all HTTP requests to https: The IOS9 system sends a network request that will use TLS 1.2 SSL uniformly. With the TLS 1.2 protocol, the purpose is to enforce enhanced data access security, and related network requests under the System Foundation framework will no longer default to unsecured network protocols such as Http, and TLS 1.2 is used by default. The server therefore needs to be updated to parse the relevant data. If not updated, you can reverse the unsecured network request by declaring it in Info.plist. The official document, called ATS, is all called App Transport Security and is a new feature of IOS9.

Before the discussion, as usual, first of all, The iOS program apes are most concerned about the problem:

Have a hair relationship with me? Do you need me to work overtime?

First, let's look at the industry's comments on Apple's approach:

This is a social app to discuss, it seems that the industry is still spit sound and affirmation of the sound of the same.

The conclusion is:

I have a relationship with you, work overtime, Junior!

The book "Serious Face", we formally discuss the following what,why,how:

1. What is SSL/TLS? What is the relationship with HTTP and HTTPS?)
2. Why (previous HTTP is not also available?) Why use SSL/TLS, idle panic?! Is Apple again anti-human? ）
3. How (How to fit?) ---weak and weak to ask: how long to work overtime? ）

What is SSL/TLS? What is the relationship with HTTP and HTTPS?)

What is SSL/TLS? The explanation of SSL does not repeat here, there are many articles on the Internet, not the focus of this article. What is TLS and what does it have to do with HTTP and HTTPS?

TLS is a new nickname for SSL. As an example:

"TLS1.0" to "SSL3.1", still "A.D. 2015" in the "Republic of 104", or "1 kilograms" to "one kilogram", or "half catty" to "82": The name is different, but the meaning is the same.

The iteration version after the SSL 3.0 version is renamed to TLS 1.0,

Other words:

TLS 1.0 = SSL 3.1

So they're a thing, and we often simply see the term "SSL/TLS". Currently, the most widely used is TLS 1.0, followed by SSL 3.0. Currently, the majority of browsers have implemented TLS 1.2 support.

Commonly used are the following:

• SSL 2.0
• SSL 3.0
• TLS 1.0 (SSL 3.1)
• TLS 1.1 (SSL 3.1)
• TLS 1.2 (SSL 3.1)

So why is the title "using HTTPS" without mentioning SSL and TLS? What does "SSL/TLS" have to do with HTTP and HTTPS?

To understand this, look at the relationship between them:

HTTP+SSL/TLS+TCP = HTTPS

Or

HTTPS = "HTTP over SSL"

Other words:

Apple lets your HTTP use the SSL/TLS protocol, which lets you go from http to https. The official document, called ATS, is all called App Transport Security.

Why (previous HTTP is not also available?) Why use SSL/TLS, idle panic?! Is Apple again anti-human? ）

HTTP communications that do not use SSL/TLS are non-encrypted communications!

Without SSL/TLS HTTP communication, all information is transmitted in plaintext, resulting in three major risks:

1. Eavesdropping risk (eavesdropping): Third parties can learn the content of the communication.
2. Tamper risk (tampering): Third parties may modify the communication content.
3. Impersonation risk (pretending): A third party can participate in the communication by impersonating another person.

The SSL/TLS protocol is designed to address these three risks and is expected to achieve:

1. All information is encrypted and third parties cannot eavesdrop.
2. With the verification mechanism, once tampered with, the communication parties will immediately find.
3. Equipped with identity card to prevent identity from being impersonated.

The role of SSL/TLS, figuratively speaking:

If the original HTTP is a plastic water pipe, easy to be punctured, then the new design of HTTPS today is like the original plastic pipe, and then a layer of metal pipe (SSL/TLS protocol). As a result, the original plastic pipe is still running, and secondly, after being reinforced with metal, it is not easy to be punctured.

How (How to fit?) ---weak and weak to ask: how long to work overtime? ）

As the beginning of the article says:

The TLS 1.2 protocol enforces enhanced network requests under the framework of the data access security system Foundation and will no longer default to unsecured network protocols such as Http, with TLS 1.2 being used by default. The server therefore needs to be updated to parse the relevant data. If not updated, you can reverse the unsecured network request by declaring it in Info.plist.

Anyway:

Either we have an iOS program ape working overtime, or backstage overtime:

Scenario One: Immediately let the company's server upgrade use TLS 1.2 to resolve the relevant data.

Scenario Two: Although Apple does not recommend, but can be declared in the Info.plist, back to the insecure network request will still allow the app to access the specified HTTP, or even arbitrary http, see GIF diagram, sample demo See Demo1

This is also the solution given by the official documentation and WWDC:

1. Apple official documentation
2. WWDC session: "Networking with Nsurlsession" session ("WWDC session 703," Privacy and Your App "O Web Link", Time around 30:18)

The XML source in the Info.plist configuration is as follows:

<key>NSAppTransportSecurity</key><dict>  <key>NSExceptionDomains</key>  <dict>    <key>yourserver.com</key>    <dict>      <!--允许子域名:subdomains-->      <key>NSIncludesSubdomains</key>      <true/>      <!--允许App进行不安全的HTTP请求-->      <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>      <true/>      <!--在这里声明所支持的 TLS 最低版本-->      <key>NSTemporaryExceptionMinimumTLSVersion</key>      <string>TLSv1.1</string>    </dict>  </dict></dict>

The above is a more rigorous approach that specifies which specific HTTP can be accessed. Of course, there are violent practices: completely backwards back to unsecured HTTP network requests, can make arbitrary HTTP requests, such as you are developing a browser app, or you want to lazy, or lazy backstage, or the company does not give you to upgrade the server ...

You can use the following XML source in the Info.plist configuration:

<key>NSAppTransportSecurity</key><dict>    <!--彻底倒退回不安全的HTTP网络请求，能任意进行HTTP请求 (不建议这样做)-->    <key>NSAllowsArbitraryLoads</key>    <true/></dict>

"Note: The above practices in Info.plist configuration have proven feasible, but the official documentation for Apple's prerelease version does not mention the code configured in Info.plist, and I will keep an eye on the official documentation, if any, to update this article." If you find the official documents mentioned, but also in the micro-bo @ios program Dogs Yuan notice me. 】

2.demo2_ios9 new Features _ more flexible background positioning

"IOS9 on the problem of positioning, there is a bad news a good news" bad news: If not fit iOS9, you can not sneak in the background (without blue bar, see picture)! Good news: This scenario will be allowed: multiple location managers in the same app: some can only be located in the foreground, others can be located in the background, and can be turned on or off in the background of a particular location manager at any time.

If you do not have permission to request background targeting, you can also locate it in the background, but with a blue bar:

How to secretly locate in the background: Request Background Location permissions:

 // 1. 实例化定位管理器_locationManager = [[CLLocationManager alloc] init];// 2. 设置代理_locationManager.delegate = self;// 3. 定位精度[_locationManager setDesiredAccuracy:kCLLocationAccuracyBest];// 4.请求用户权限：分为：?只在前台开启定位?在后台也可定位，//注意：建议只请求?和?中的一个，如果两个权限都需要，只请求?即可，//??这样的顺序，将导致bug：第一次启动程序后，系统将只请求?的权限，?的权限系统不会请求，只会在下一次启动应用时请求?if ([[[UIDevice currentDevice] systemVersion] floatValue] >= 8) {    //[_locationManager requestWhenInUseAuthorization];//?只在前台开启定位    [_locationManager requestAlwaysAuthorization];//?在后台也可定位}// 5.iOS9新特性：将允许出现这种场景：同一app中多个location manager：一些只能在前台定位，另一些可在后台定位（并可随时禁止其后台定位）。if ([[[UIDevice currentDevice] systemVersion] floatValue] >= 9) {    _locationManager.allowsBackgroundLocationUpdates = YES;}// 6. 更新用户位置[_locationManager startUpdatingLocation];

But if you try this way, and you don't configure info.plist,100%, your program crashes and you get an error:

Assertion failure in-[cllocationmanager setallowsbackgroundlocationupdates:],/buildroot/library/caches/ com.apple.xbs/sources/corelocationframework_sim/corelocation-1808.1.5/framework/corelocation/ cllocationmanager.m:593

To configure the Info.plist as follows:

The corresponding Info.plist XML source code is:

<key>NSLocationAlwaysUsageDescription</key><string>微博@iOS程序犭袁 请求后台定位权限</string><key>UIBackgroundModes</key><array>    <string>location</string></array>

3. Enterprise-level distribution

Before IOS9, enterprise-level distribution is very convenient: Click the app appears "Trust button",

After iOS9, the Enterprise Distribution IPA package will be treated the same as the DMG installation package on Mac: The default cannot be installed and the "trust button" no longer appears

You must have the user set up in the GIF (related demo:https://github.com/chenyilong/ios9adaptationtips/)

4.Bitcode (Popular explanation: Online version of Android art mode)

The future Watch app must contain bitcode,ios not mandatory, but Xcode7 will turn on Bitcode by default.

How to fit? Method One: Update the library to include Bitcode, otherwise the following warning will appear;

(null): Urgent:all Bitcode'll be dropped because '/users/myname/library/mobile documents/com~apple~clouddocs/ Foldername/appname/googlemobileads.framework/googlemobileads (GADSLOT+ADEVENTS.O) ' was built without bitcode. You must rebuild it with Bitcode enabled (Xcode setting Enable_bitcode), obtain a updated library from the vendor, or dis Able Bitcode for this target. Note:this'll be a error in the future.

Method Two: Close the Bitcode, see

For more information, please visit Bitcode Apple Official document

, and WWDC Session 102: "Platforms state of the Union"

5.URL scheme

In IOS9, if you use URL scheme You must whitelist the URL scheme you want to call externally in "info.plist", otherwise you cannot use it. Key is called Lsapplicationqueriesschemes, and the content of the value is

Recommend a blog: http://awkwardhare.com/post/121196006730/quick-take-on-ios-9-url-scheme-changes

The most critical of these are the following sections:

If you call the ' Canopenurl ' method on a URL of ' not ' in your whitelist, it'll return ' NO ', even if there is an app I Nstalled that have registered to handle this scheme. A "This app isn't allowed to query for scheme XXX" syslog entry would appear.

If you call the ' OpenURL ' method on a URL, then it's not in your whitelist, it'll fail silently. A "This app isn't allowed to query for scheme XXX" syslog entry would appear.

For more information, please visit: WWDC Session 703: "Privacy and Your App" https://developer.apple.com/videos/wwdc/2015/?id=703 Time around 30:18

6. ipad adapter slide over and Split View

"ipad adaptation slide over and Split View" If you want to fit the multi tasking feature, the only advice: Discard the pure code, instead of storyboard, xib, throughout the Apple WWDC all demos are the same:

1. Mysteries of Auto Layout, part 1

2. What ' s New in storyboards

3. Implementing UI Designs in Interface Builder

4. Getting Started with multitasking on IPad in IOS 9

5. Optimizing Your App for multitasking on IPad in IOS

iOS Development--adaptation chapter &IOS9 adaptation