Response failed, error buffer:the resource could not to loaded because the APP transport security P

From: https://segmentfault.com/a/1190000002933776

Reason: IOS9 HTTP is not working properly

Solution:

Upgrade today Xcode 7.0 Bata found network access failed.
Output error message

The resource could is loaded because the APP transport security policy requires the use of a secure connection.

After Google verified, IOS9 introduced the new features of the app Transport Security (ATS). Details: App transport Security (ATS)

The new feature requires that the network accessed within the app must use the HTTPS protocol.
But now the company's project is using the HTTP protocol, the use of private encryption to ensure data security. It is not immediately possible to change to HTTPS protocol transfer. finally find the following solutions:

Add nsapptransportsecurity type dictionary to Info.plist.

Add the Nsallowsarbitraryloads type Boolean under Nsapptransportsecurity, and the value is set to Yes see a lot of students to modify or not to add a screenshot:

Search for Info.plist in filter, select Info.plist to edit

Add the information in the way mentioned above, the correct changes will see the following image, note that the type nsapptransportsecurity for Dictionary,nsallowsarbitraryloads as Boolean, copy and paste, Do not have more spaces, segment fault on the page directly copied, often more than one out of space.

Note that there is also a info.plist under the unit test, which is ⚠️ to modify the file. Supplementary Notes

The method described above solves the problem of network access, but the security provided by Apple is also closed.
However, the closure of this restriction may be a more practical approach, in line with domestic conditions.
As for the reason, there are too many, Third-party SDK (almost all HTTP), partner access (they must not be required to support HTTPS).
If your app is not limited by these reasons, it is more recommended that you increase HTTPS support rather than turn off the restrictions.
Please make adjustments according to the actual situation of the project.

We advocate the use of HTTPS for security reasons, and second, prioritize the use of exceptions: adding a domain that allows access to the configuration list

@banxi1988 a way to add a configuration
For those who do not support HTTPS, you should first consider adding an exception

The way to add exceptions is simple:
Left Info.plist select Open with source code
Then add a configuration similar to the following:

    <key>NSAppTransportSecurity</key>
    <dict>
        <key>NSExceptionDomains</key>
        <dict>
            <key>qq.com</key>
            <dict>
                <key>nsincludessubdomains</ key>
                <true/>
            </dict>
            <key>sina.com.cn</key>
            <dict>
                < key>nsincludessubdomains</key>
                <true/>
            </dict>
           </dict>
   </ Dict>

According to their own needs of the domain name modification, nsincludesubdomains, as the name implies is to include subdomain meaning. Reference:

APP Transport Security Support aka apps on IOS 9 don ' t work #4560

711_networking_with_nsurlsession.pdf Summary:

Apple is increasing its use of safe controls, a move that shows Apple's emphasis on information security and the fact that most applications transmit data without being encrypted or encrypted in private, so that Apple is starting to make demands on developers.
Private encryption, while safe to some extent, is not a long-term solution. With so many security experts all over the world maintaining HTTPS security, early use of HTTPS ensures that information security is kingly. Also eliminates the security hidden danger of the private encryption protocol.