I am using Alamofire to connect to a web service. It seems as if the server has an invalid certificate. I would like to have alamofire ignore this invalid cert. I added the following values to my info.plist:
<dict>
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>example.com</key>
<dict>
<key>TemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.2</string>
<key>ExceptionRequiresForwardSecrecy</key>
<false/>
<key>IncludesSubdomains</key>
<true/>
<key>ExceptionAllowsInsecureHTTPLoads</key>
<true/>
</dict>
</dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
But I am still getting this issue. What else should I do to allow this invalid cert?
UPDATE: Still having same issue.
Related
I am developing flutter ios app with frebase. I want to login to the app using sms authentication. When i am running the app it is fetching details from db. But it is showing the error in app launching time.
The error is
- [Firebase/Core][I-COR000004] App with name __FIRAPP_DEFAULT does not exist.
In the xcode i have enabled the enabled "Push Notifications" and "Remote Notifications" for removing captcha in OTP verification.
But if i disabled "Push Notifications" and "Remote Notifications" it will show captcha. And after verifying captcha it send SMS.
- [Firebase/Core][I-COR000004] App with name __FIRAPP_DEFAULT does not exist. in application open.
i given below main.dart file
final FirebaseApp app = await FirebaseApp.configure(
name: myApp,
options: const FirebaseOptions(
googleAppID: '1:57979xxxxx:ios:c9d1031xx',
gcmSenderID: '58989xxxxx6',
apiKey: 'AIzaSyANwavsssasxxxxxxxxxxxKBNF7I',
projectID: 'myApp',
),
);
The SMS verification code is
await firebaseAuth.verifyPhoneNumber(
phoneNumber: "+91"+phoneNumber,
timeout: Duration(seconds: timeOut),
codeAutoRetrievalTimeout: autoRetrieve,
codeSent: smsCodeSent,
verificationCompleted: verifiedSuccess,
verificationFailed: veriFailed);
final PhoneVerificationFailed veriFailed = (AuthException exception) {
print("ERROR");
print('${exception.message}');
throw new Exception(exception);
};
When i enabled "Push Notifications" and "Remote Notifications"
It will show the error in "veriFailed" function . The error is
Invalid Token and
PlatformException(ERROR_MISSING_VERIFICATION_ID, The phone auth credential was created with an empty verification ID., null)
The info.plist is
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>APS Environment</key>
<string>production</string>
<key>CFBundleDevelopmentRegion</key>
<string>en</string>
<key>CFBundleDisplayName</key>
<string>My App</string>
<key>CFBundleExecutable</key>
<string>$(EXECUTABLE_NAME)</string>
<key>CFBundleIdentifier</key>
<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleName</key>
<string>My App</string>
<key>CFBundlePackageType</key>
<string>APPL</string>
<key>CFBundleShortVersionString</key>
<string>$(FLUTTER_BUILD_NAME)</string>
<key>CFBundleSignature</key>
<string>????</string>
<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleTypeRole</key>
<string>Editor</string>
<key>CFBundleURLSchemes</key>
<array>
<string>fb3xxxxxxxxx</string>
</array>
</dict>
<dict>
<key>CFBundleTypeRole</key>
<string>Editor</string>
<key>CFBundleURLSchemes</key>
<array>
<string>com.googleusercontent.apps.xxxxxxxxxxxxxxx</string>
</array>
</dict>
<dict>
<key>CFBundleTypeRole</key>
<string>Editor</string>
<key>CFBundleURLSchemes</key>
<array>
<string>com.myapp.app</string>
</array>
</dict>
</array>
<key>CFBundleVersion</key>
<string>$(FLUTTER_BUILD_NUMBER)</string>
<key>FacebookAppID</key>
<string>334xxxxxxxx</string>
<key>FacebookDisplayName</key>
<string>My App</string>
<key>FirebaseAppDelegateProxyEnabled</key>
<false/>
<key>LSRequiresIPhoneOS</key>
<true/>
<key>NSLocationAlwaysAndWhenInUseUsageDescription</key>
<string>This application requires location services to work</string>
<key>NSLocationAlwaysUsageDescription</key>
<string>This application requires location services to work</string>
<key>NSLocationWhenInUseUsageDescription</key>
<string>This application requires location services to work</string>
<key>UILaunchStoryboardName</key>
<string>LaunchScreen</string>
<key>UIMainStoryboardFile</key>
<string>Main</string>
<key>UISupportedInterfaceOrientations</key>
<array>
<string>UIInterfaceOrientationPortrait</string>
</array>
<key>UISupportedInterfaceOrientations~ipad</key>
<array>
<string>UIInterfaceOrientationPortrait</string>
<string>UIInterfaceOrientationPortraitUpsideDown</string>
<string>UIInterfaceOrientationLandscapeLeft</string>
<string>UIInterfaceOrientationLandscapeRight</string>
</array>
<key>UIViewControllerBasedStatusBarAppearance</key>
<false/>
<key>io.flutter.embedded_views_preview</key>
<true/>
</dict>
</plist>
My pubspec.yaml is
firebase_core: ^0.4.0+8
firebase_auth: ^0.11.1+11
cloud_firestore: ^0.12.7
firebase_messaging: ^5.1.2
I don't know how to solve the issue please help me.
Swap lines in AppDelegate.swift to FirebaseApp is called before plugin.
FirebaseApp.configure()
GeneratedPluginRegistrant.register(with: self)
I solve the by changing auth plugin to
firebase_auth:
git:
url: https://github.com/collinjackson/plugins.git
ref: 441417c2fed0ff26bf84a49ab2c5ffd2aa5487de
path: packages/firebase_auth
After adding the plugin the problem solved. The plugin firebase_auth: ^0.11.1+11 is making the issues
I have an issue that appeared recently.
In my code, I load some images from an HTTP server:
let urlPicture = "http://images.mydomain.com/" + self.currentUser.pic
imageView.sd_setImageWithURL(NSURL(string: urlPicture))
I do not use HTTPS for my images server because I guess it would have been too slow, but maybe I'm wrong on this point.
A nodejs server is running in an AWS EC2 instance, and listens on port 80 to manage images.
Due to ATS restrictions, I declare an exception in my Info.plist file for my images subdomain:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>images.mydomain.com</key>
<dict>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSExceptionMinimumTLSVersion</key>
<string>TLSv1.2</string>
<key>NSExceptionRequiresForwardSecrecy</key>
<true/>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSRequiresCertificateTransparency</key>
<false/>
<key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
<false/>
<key>NSThirdPartyExceptionMinimumTLSVersion</key>
<string>TLSv1.2</string>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<true/>
</dict>
</dict>
</dict>
Recently I added a new subdomain on the same AWS instance: https://api.mydomain.com
Another nodejs server listens on 443 port and manages the API.
Since this change, everything is fine in my app when I call the API, but when I load images I am facing the following issue:
NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802)
Any idea fo fix that?
I found the issue.
It was on server side, the HTTPS server running on the same AWS instance is configured with HSTS:
var ONE_YEAR = 31536000000;
app.use(helmet.hsts({
maxAge: ONE_YEAR,
includeSubdomains: true,
force: true
}));
The variable includeSubdomains set to true forces my other domain images.mydomain.com to use HTTPS protocol while it is a HTTP server.
To solve it, just exclude others domains in HSTS configuration:
var ONE_YEAR = 31536000000;
app.use(helmet.hsts({
maxAge: ONE_YEAR,
includeSubdomains: false,
force: true
}));
Can you add this in plist.
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
Heyy, I have spent the last day or so racking my brain trying and failing to disable the ATS, I know it is deemed bad too, but I am currently only working on the app internally. I have tried many suggestions online to no avail, latest try below of info.plist. I am lost as to what to do?
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleDevelopmentRegion</key>
<string>en</string>
<key>CFBundleExecutable</key>
<string>$(EXECUTABLE_NAME)</string>
<key>CFBundleIdentifier</key>
<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleName</key>
<string>$(PRODUCT_NAME)</string>
<key>CFBundlePackageType</key>
<string>BNDL</string>
<key>CFBundleShortVersionString</key>
<string>1.0</string>
<key>CFBundleSignature</key>
<string>????</string>
<key>CFBundleVersion</key>
<string>1</string>
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>localhost</key>
<dict>
<!--Include to allow subdomains-->
<key>NSIncludesSubdomains</key>
<true/>
<!--Include to allow HTTP requests-->
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<!--Include to specify minimum TLS version-->
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>TLSv1.1</string>
</dict>
</dict>
</dict>
</dict>
</plist>
Debug console eror print
error=Optional(Error Domain=NSURLErrorDomain Code=-1022 "The resource
could not be loaded because the App Transport Security policy requires
the use of a secure connection."
UserInfo={NSUnderlyingError=0x7f9670e85620 {Error
Domain=kCFErrorDomainCFNetwork Code=-1022 "(null)"},
NSErrorFailingURLStringKey=http://localhost/sfc/manualorder.php,
NSErrorFailingURLKey=http://localhost/sfc/manualorder.php,
NSLocalizedDescription=The resource could not be loaded because the
App Transport Security policy requires the use of a secure
connection.})
If you want to disable ATS, you can just add this to the Info.plist
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
And when you're finished working on your app, you can re enable it and go granular with whitelisting your domains.
Like this, the first includes all subdomains and the second does not:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>maindomain.com</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
</dict>
<key>other.domain.net</key>
<dict>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
</dict>
</dict>
</dict>
One added step that you may require if you're testing on simulator, is to both clean the project and reset the content and settings of the simulator, then build and run again.
I'm trying to install a beta app to an iOS device and am hosting the manifest.plist and IPA file on HTTPS with a self-signed certificate. When I hit the itms-services:// link, I get an error of "Cannot connect to <ip address>".
itms-services link:
itms-services://?action=download-manifest&url=https://10.0.1.2:1338/ipa/manifest.plist
plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>items</key>
<array>
<dict>
<key>assets</key>
<array>
<dict>
<key>kind</key>
<string>software-package</string>
<key>url</key>
<string>https://10.0.1.2:1338/ipa/test.ipa</string>
</dict>
</array>
<key>metadata</key>
<dict>
<key>bundle-identifier</key>
<string>com.company.test</string>
<key>bundle-version</key>
<string>1.0</string>
<key>kind</key>
<string>software</string>
<key>title</key>
<string>test</string>
</dict>
</dict>
</array>
</dict>
</plist>
Try adding your certificate to the trusted ones (probably, easiest thing to do is to mail a cer file to device and open it from standard mail app to install).
Another thing you need to make sure is that your server supports TLS 1.2 and Forward Secrecy.
You can use nscurl --ats-diagnostics https://example.com/app.ipa to check if everything done right.
Its possible:
Create the certificate file (export as DER encode X.509)
Access file from device via HTTP (like the manifest.plist in your example)
Agree to install it in device
Turn it on: https://support.apple.com/en-au/HT204477
I have a application run as a daemon. I put the application plist under under /Library/LaunchDaemons on iOS 8 device, and launch it by executing the command
launchctl load /Library/LaunchDaemons/com.mycompany.testapp.plist
In my laumchd plist Note that the application is running as a daemon by executing the command
I would like to make this application restart only when it is crash or is killed. If I intentionally exit it with code 0, I don't want it to restart. I've tried the below configuration. This does work on iOS 7, but do NOT work on iOS 8.
<key>KeepAlive</key>
<dict>
<key>SuccessfulExit</key>
<true/>
</dict>
Thus I tried adding another key StartInterval which's set as 10.
<key>StartInterval</key>
<integer>10</integer>
I tested this scenario by exit with code 0 and by kill my application with command kill -9 [PID]. This key makes my application to start again after 10 seconds after being killled. However, I have a concern about the result of this key while my application is running.
Does this key have an affect on the started and running application. I've monitored the log, seem StartInterval key do nothing with the running daemon. However, I'm quite not sure about it. Could you explain more information about it? Thank you very much.
According to this link http://pitaya.ch/documentation/iOS8_0APIDiffs.html all traces to launchd in the headers have disappeared. (search for /usr/include/launch.h, so you see it was removed)
Seems because the moved to new libxpc as base for launchd (see last slide in http://technologeeks.com/docs/launchd.pdf).
Seems like they changed launchd behaviour in iOS 8. Of Apple's own LaunchDaemons (located under /System/Library/LaunchDaemons/) some also have a KeepAlive-property in Dictionary format. If you kill them, they are respawned by launchd instantly.
But after some testing the only way to have KeepAlive-property working, is to add either add LaunchEvents (see slide 21ff in http://technologeeks.com/docs/launchd.pdf) and/or MachServices to the plist or to change the KeepAlive-property to:
<key>KeepAlive</key>
<true/>
But then there is NO way to kill your deamon without launchd respawning it, aside from executing launchctl unload /Library/LaunchDaemons/com.mycompany.testapp.plist.
My working plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Program</key>
<string>/path/to/your/daemon</string>
<key>RunAtLoad</key>
<true/>
<key>Label</key>
<string>com.mycompany.testapp</string>
<key>EnablePressuredExit</key>
<false/>
<key>UserName</key>
<string>root</string>
<key>JetsamProperties</key>
<dict>
<key>JetsamPriority</key>
<integer>-49</integer>
<key>JetsamMemoryLimit</key>
<integer>10000</integer>
</dict>
<key>POSIXSpawnType</key>
<string>Adaptive</string>
<key>Disabled</key>
<false/>
<key>ThrottleInterval</key>
<integer>5</integer>
<key>KeepAlive</key>
<dict>
<key>SuccessfulExit</key>
<false/>
<key>Crashed</key>
<true/>
</dict>
<key>MachServices</key>
<dict>
<key> com.mycompany.testapp.someMachService</key>
<true/>
</dict>
<key>EnableTransactions</key>
<false/>
<key>LaunchEvents</key>
<dict>
<key>com.apple.notifyd.matching</key>
<dict>
<key>SignificantTimeChangeNotification</key>
<dict>
<key>Notification</key>
<string>SignificantTimeChangeNotification</string>
</dict>
<key>SomeMoreNotifications</key>
[...]
</dict>
</dict>
</dict>
</plist>
About the StartInterval-property: Even Apple has this property in addition to the KeepAlive-property for some important daemons (e.g. com.apple.locationd) and they seem running just fine. So I don't think you have to worry...
Use false with SuccessfulExit key.
SuccessfulExit
If true, the job will be restarted as long as the program exits and with an exit status of zero.
If false, the job will be restarted in the inverse condition. This key implies that "RunAtLoad"
is set to true, since the job needs to run at least once before we can get an exit status.