I run my own VPS in Amsterdam where I have a MySQL database that is being populated and maintained using ASP.NET. It's a Windows Server.
I use this API for four of my existing Android apps (published and working) with a few thousand users who never had any issues connecting to the API through those apps. Recently I finished one of the apps on the iOS platform and it got rejected because Apple couldn't get it to load any content, or it would get stuck on loading without ever returning anything (after we implemented a loading progress animation). After a lot of messaging between me and Apple's review team, they ended up accepting my app to be passed through review even though they never got it to work (or so I believe, they just said they would re-review it and it suddenly got approved after 7 rejects). None of my friends, family or users ever experienced any issues like this on either Android or iOS.
A good friend of mine who did most of the work on the API is also from the USA, which makes me doubt it's a location problem.
I must note that pretty much 99.99% of my users are Dutch and all my projects are build for Dutch users.
Does anyone have experience or ideas in this field? I'm about to publish an update for the already published app and I'm afraid they will reject it because of the same issue.
The exact message I got at first was:
Specifically, upon launch we found that the app failed to load any content.
Changing the API calls to be over HTTPS seems to have fixed the issue, Apple now has access to my API through all my apps.
Related
Let say If I want to check if the facebook or any other application is currently running on device ?
The answer is simply "No", this is absolutely not possible in iOS.
(Note that you can easily "open" another app - it's just like opening a web link - but you can not "check if it is already open".)
Simply your answer is NO
The reason behind this, in case of iOS, every app is running like on own sandbox. So there is no connection between one sandbox to another.
Update 2:
Decided to use Code-Level Support.
Included with your paid membership are two Technical Support Incidents
(TSIs) for code-level support from Apple support engineers.
Reply from Apple:
Automatic Assessment Configuration limits what features of the system
are available while in a testing environment. It locks the device to a
single app. It does not provide oversight, such as identifying which
apps are running.
Classroom is an app targeting K-12 classrooms. It provides teacher
oversight of student activities during lessons, including viewing
student screens.
https://www.apple.com/education/k12/teaching-tools/
https://support.apple.com/guide/classroom/welcome/ipados
I'm not aware of any functionality associated with either of these
that provides for notification of apps running in the background.
While I cannot say how any given app is implementing apparent
functionality, I'm pretty confident in saying that the app you mention
earlier is not using either Automatic Assessment Configuration or
integrating with Classroom.
You may want to contact the developer of the app in question.
Of course, it's also possible your colleague misunderstood and the app
is not in fact doing any such reporting.
I would also encourage you to file feedback requesting such a feature.
Please submit your suggestion via Feedback Assistant
https://feedbackassistant.apple.com. For more information on
Feedback Assistant, please visit
https://developer.apple.com/bug-reporting/.
While you were initially charged a technical support incident for this
request, we have assigned a replacement incident back to your Apple
Developer Program account.
Perhaps my colleague mistook Android version of the app for iOS.
Update:
After reading some more about this it could be related to Automatic Assessment Configuration and AEAssessmentSession.
This allows an app to:
Enter single-app mode and prevent students from accessing specific
system features while taking an exam.
and
A session provides protections by preventing access to desktop
elements like:
...
Other apps, except those that you selectively allow
https://developer.apple.com/documentation/automaticassessmentconfiguration
https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_developer_automatic-assessment-configuration
https://developer.apple.com/documentation/automaticassessmentconfiguration/aeassessmentsession
Sample code here:
https://developer.apple.com/documentation/automaticassessmentconfiguration/build_an_educational_assessment_app
Original:
I agree with #AnkurLahiry and #Fattie that it should not be possible due to sandbox environment. According to Apple Developer Forums it is not possible either:
https://developer.apple.com/forums/thread/48374
However a colleague took his hunting degree and they used an app for examination. This app could detect other apps running in the background. For example one person had Teams app running and the examinators could then tell that he had that exact app running on his phone. Not just installed but running in the background.
https://apps.apple.com/se/app/teoriprov-f%C3%B6r-j%C3%A4garexamen/id1548547811
He took the test 2022-04-29 and was using the app version 1.0.8.
I'm not an iOS developer but I have done some experiments with disabling or bypassing SSL Pinning/Certificate Pinning on Android. In this case developers often used checks in the native layer as well as the Java layer to make it difficult to bypass. My guess is that they use low-level access to detect if a process is running or not.
https://security.stackexchange.com/questions/149325/disable-or-bypass-ssl-pinning-certificate-pinning-on-android-6-0-1
https://developer.apple.com/documentation/objectivec
Unfortunately I don't have more information than that. Next step could be contacting them and see if they are willing to share how they did it.
You could also read up on examination apps and classroom:
https://apps.apple.com/us/app/classroom/id1085319084
For Android you can check it like this:
https://stackoverflow.com/a/22503513/3850405
A few days ago, Apple rejected my app, indicating that it didn't have IPV6 support, however I don't need that support since my app does not require internet access.
I asked the following:
Hi, my app does not need any internet connection yet.
So, why it's required to have support to IPV6?
They said:
Thank you for your response and for your question. In order to bring your app into compliance with Guideline 2.1 it would be appropriate for your app not to crash when logging in.
end
So, why do I need that Support?
If is necessarily, how do I can do it?
Please I need help
Test your app extensively and fix the crash. Enter wrong values, don't enter anything at all, intentionally try to break your app and get it to crash. Then you will find your error and you can fix.
EDIT BASED ON COMMENT BELOW
"My app don`t need conect with external database, because I got the information inside" - in this case, no, you do not need to add IPv6 support because you are not communicating with the internet for logging in purposes.
You can keep the login given it is only going to be 2 people using the app, just resolve the crash when logging in.
To test, enter a variety of incorrect passwords and usernames to ensure that there is no crash on incorrect entries, and confirm that correct entries do not crash the app.
Original Answer
Apple indicated that because there is a login feature, they think it is trying to communicate with an external database (ie a database that is not on the device). If there is no external database, just fix the crash is what they are asking.
Based on your question, you have eluded to the app not communicating externally for logging in. While some may find this odd, it is not uncommon. An example for those wondering would be a childrens app for iPad. The iPad might be shared amongst several children and as such each child might complete different sections or features of the app so an account local to the device is a good idea if there is no cloud support.
If there is external communication, you need to handle the case for no internet access. The question has been answered extensively, however this was the first result I found:
Detect Internet Connection and display UIAlertview Swift 3
Update: Why do I need to Support the case for no internet connection?
A use case:
John has just downloaded your app. He has just walked through the steps to create an account, but he has accidentally set his device to Aeroplane Mode.
John hits the "Create Now" button but nothing is happening. There is no error or success alert appearing, the screen has not changed, he can't see a loading icon. John is confused and getting frustrated because he's certain that he has completed everything in the form.
John doesn't understand that he needs internet connectivity to successfully submit a request to create an account. John decides to delete your app from his device and leaves a bad review.
John really could have used an alert saying "You need internet connection to sign up to this app. Please check you are connected and try again". This would have made John a whole lot happier and he probably would have continued to use your app with all of it's amazing features.
More information can be found in the guidelines that Apple mentioned, and further to this, the Apple Design Principles Guide is an invaluable resource.
I hope this makes sense.
I have an iOS App on the App Store, and it connects to Google Drive. In the past week or so, I've noticed two new problems in my live app.
The App suddenly stopped logging in. I would get a 401 - invalid_client. I found a lot of questions/answers for this problem, but they were all for people who couldn't get it working. Mine was working for about two years and then stopped working a couple of days ago. After trying a lot of things, I found that I was using <id>#developer.gserviceaccount.com as my Client ID, and when I changed it to <id>.apps.googleusercontent.com it worked again. I don't know why this change fixed it, and even knowing that this fixes it, I can't find if this is the correct/appropriate solution.
I explain my second problem, which is very specific here, but skip to the next paragraph to get to the point. The second issue is a a result of Google changing the way their API calls respond, and this is why this wasn't an issue when we submitted the latest version of the App to the App Store. Google has changed the way the explicitlyTrashed property of their GTLDriveFile class. Per their spec, this property should be either an NSNumber containing Yes, or null. They have recently changed it so that it is always an NSNumber set to either Yes or No. This is what's breaking our functionality.
Anyway, these are two changes Google has made on their end recently that currently has my customers on hold since I have to fix this and push it out. My question is if there's a place to keep up with these changes that Google is making recently. Also, if someone knows or can point me to why the first issue is happening, I would greatly appreciate it.
For the first issue, the reason why it got resolved by using [id].apps.googleusercontext.com is because it it requesting an authorization token from an app to the server, as opposed to a Server to Server transaction using impersonation ([id]#developer.gserviceaccount.com). This is the right solution for both android and IOS apps requesting a token.
As for your second question, the best way to keep up to date with the latest changes is through their official blog: http://googleappsdeveloper.blogspot.com/
Another resource is the G+ Google Drive Developer community: https://plus.google.com/communities/107264319205603895037
I setup a Mobile App using the developer's panel and added all the correct information as mentioned in the tutorial video on the Facebook SDK page.
It's a native iOS app so I supplied the bundle ID and the App Store ID. I've installed the SDK and Facebook is registering installs whenever I run it on my device.
However once I tried to use the "Promote" feature to setup install ads it keeps getting rejected by Facebook on the grounds that the URL is bad. The URL works fine as I've tested it multiple times. The URL is generated by Facebook itself using the App ID.
I've tried submitting it again after changing the creative, but I'm assuming I've been blacklisted since it immediately is disapproved.
What can I do?
Is your app limited to a certain region or country?
My ad was also disapproved and this is what I got:
"The destination URL of this ad violates our Ad Guidelines or could not be reviewed. Please check the URL you have submitted to ensure that it is free of any spelling errors and that it complies with our Advertising Guidelines. Please note that all sites must be viewable and functioning properly, regardless of the viewer's location. Additionally, sites are prohibited from linking to proprietary file types (.pdf, .doc, etc,) initiating automatic downloads, or trapping a user's browser in any way (e.g., pop-ups of any kind).
"
In my case the only logical explanation would be the availability of the app, as it is only available in one country. I link directly to the app store so that should not be a problem...
Sorry for my reply, i know it's not very helpful, but there is so little info on the web about it. I need to do detective work in order to understand what is happening.
I had the exact same thing. I think Facebook changed a ton of stuff in their ads dashboard. I created a new ad yesterday and it was finally approved. Try again.
There is a newly introduced issue with iPhone 3.0 SDK and how it deals with the NSURL method for automatically making phone calls. It used to be that you could call a method (NSURL), pass in a string with a URL prefix (tel://, sms, etc...) and the iPhone OS would dispatch the message to the device, such as iTunes, App Store, Phone, SMS, Mail, Safari, etc... The code goes something like this:
[openURL:[NSURL URLWithString:#"tel://8005551212"]];
When the method was called the phone call would be placed automatically. With the iPhone OS 3.0 when the method is called the app pops up a dialogue box asking for confirm the phone call. This breaks several existing apps as well as one that we just pushed into the App Store for review.
Can anyone think of a fix to this issue? I'm currently at a loss for what to do and trying to decide what other ways to handle this new wrench in the works.
I blogged about this and suggested that people contact Apple and make them aware of this issue. I also recommend a fix that a friend and I were thinking about - and that is to use the same "authorization" that location aware apps have; an app knows it's location aware and asks the user if it's okay to use their location.
Again, if anyone has a fix for this issue (and that is within the realm of the iPhone SDK as to not be rejected by Apple) please let me know; I would be greatly appreciative.
Update: Julian Romero Nieto has a good description of the bug and cites the (updated) Apple documentation and shows the issue at hand. You can read his posting to Oper Radar here.
I believe this is included as a security feature - imagine an app that called a 900 number at 3am every day for 10 minutes. If you compare it to the new 'In-App Purchase' API - it's much the same.
The location API comparison is a bad example - getting the users location is a privacy concern, not a financial one.
You can't fix this issue as this is what is intended - anything you do to "fix" the issue will result in an app that won't be approved.
The user experience is considered not to be good when an app can choose to dial a number without the user's consent. It would be possible for software to dial "premium" numbers that cost the user a lot of money without them realising.
This is standard across all mobile software platforms and OS - if it just changed in OS 3.0 then this shows that it must have been an issue that initially Apple thought they could get around. However I think that Mobile Operators will have put pressure on Apple to introduce this as often then end up having to refund the user - but will have already paid out the money to the "premium" number.
I am not sure if "premium" numbers exist in the US as much as they do in Europe and that maybe the reason this is hard to understand.
The RFC for tel:// says to NOT allow autodialing of numbers via the tel: scheme.
So they have to chose between RFC compliance and breaking these few apps.
I hope the chose to ignore the RFC, at least to allow apps to keep dialing if they allow it.
I question whether this is intentional on Apple's part to push users to purchase a new iPhone if they want voice dialing - this problem breaks all of the 3rd party voice dialing apps, making them unsafe and basically useless.
Let's keep up the pressure on Apple to make this a user-configurable setting.
Perhaps you meant newly introduced feature instead of issue?
I don't think you will get Apple to remove the confirmation popup, especially if it is RFC compliance.
Lemmy quote Joel (http://www.joelonsoftware.com/items/2009/06/10c.html) regarding broken apps:
A good platform always has
opportunities for applications that
aren’t just gap-fillers. These are the
kind of application that the vendor is
unlikely ever to consider a core
feature, usually because it’s vertical
— it’s not something everyone is going
to want. There is exactly zero chance
that Apple is ever going to add a
feature to the iPhone for dentists.
Zero.
I would not want some application to make calls, send sms or even connect to internet (living in a country where unlimited mobile data plans are still far in the future) without my consent.
Certainly operator's headache when customers complain about unknown calls on bills.